From 6ba99cbc1e6abd2dcd2e87abaf06ea5f678e3d1a Mon Sep 17 00:00:00 2001 
From: Andy Uhnak Date: Wed, 22 Mar 2023 13:06:30 +0000 Subject: [PATCH 1/5] Revert "Merge pull request #1740 from matrix-org/andy/user_trust" This reverts commit 4fb70e625d3b57a9dde85e8b314f5ff2da596340, reversing changes made to efdf2f41a47d73f792531b7acca32369f7a4132f. --- MatrixSDK.xcodeproj/project.pbxproj | 66 ++++++------- .../CrossSigning/Data/MXCrossSigningInfo.h | 3 +- .../CrossSigning/Data/MXCrossSigningInfo.m | 80 ++++----------- .../Data/MXCrossSigningInfo_Private.h | 3 +- .../Data/MXCryptoUserIdentityWrapper.swift | 10 +- .../Crypto/CrossSigning/MXCrossSigning.m | 55 +++++++---- .../CrossSigning/MXCrossSigningV2.swift | 12 ++- .../Crypto/Data/MXDeviceListOperationsPool.m | 15 ++- MatrixSDK/Crypto/MXCrypto.h | 15 ++- MatrixSDK/Crypto/MXCrypto.m | 53 ++++++---- MatrixSDK/Crypto/MXCryptoV2.swift | 19 ++-- MatrixSDK/Crypto/Recovery/MXRecoveryService.h | 7 +- MatrixSDK/Crypto/Recovery/MXRecoveryService.m | 4 +- .../Crypto/Trust/MXTrustLevelSource.swift | 37 ++++--- MatrixSDK/Crypto/Trust/MXTrustSummary.swift | 37 ------- MatrixSDK/Crypto/Trust/MXUserTrustLevel.h | 49 ++++++++++ MatrixSDK/Crypto/Trust/MXUserTrustLevel.m | 91 ++++++++++++++++++ .../Crypto/Trust/MXUsersTrustLevelSummary.h | 17 ++-- .../Crypto/Trust/MXUsersTrustLevelSummary.m | 36 +++---- .../Verification/MXKeyVerificationManager.m | 3 +- .../Transactions/QRCode/MXQRCodeTransaction.m | 2 +- .../Transactions/SAS/MXSASTransaction.m | 2 +- .../Models/MXUsersTrustLevelSummaryMO.swift | 8 +- MatrixSDK/MatrixSDK.h | 1 - .../Data/MXCrossSigningInfoUnitTests.swift | 85 ++-------------- .../CrossSigning/Data/MXCrossSigningInfo_v0 | Bin 681 -> 0 bytes .../MXCrossSigningInfoSourceUnitTests.swift | 2 +- .../Trust/MXTrustLevelSourceUnitTests.swift | 18 ++-- .../Trust/MXTrustSummaryUnitTests.swift | 56 ----------- MatrixSDKTests/MXCrossSigningTests.m | 50 +++++----- .../MXCrossSigningVerificationTests.m | 18 ++-- MatrixSDKTests/MXRoomSummaryTrustTests.m | 61 ++++++------ 
MatrixSDKTests/TestPlans/UnitTests.xctestplan | 1 - .../UnitTestsWithSanitizers.xctestplan | 1 - 34 files changed, 462 insertions(+), 455 deletions(-) delete mode 100644 MatrixSDK/Crypto/Trust/MXTrustSummary.swift create mode 100644 MatrixSDK/Crypto/Trust/MXUserTrustLevel.h create mode 100644 MatrixSDK/Crypto/Trust/MXUserTrustLevel.m delete mode 100644 MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v0 delete mode 100644 MatrixSDKTests/Crypto/Trust/MXTrustSummaryUnitTests.swift diff --git a/MatrixSDK.xcodeproj/project.pbxproj b/MatrixSDK.xcodeproj/project.pbxproj index be7aa34a65..5d3b96080e 100644 --- a/MatrixSDK.xcodeproj/project.pbxproj +++ b/MatrixSDK.xcodeproj/project.pbxproj 
@@ -276,6 +276,10 @@ 325653831A2E14ED00CC0423 /* MXStoreTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 325653821A2E14ED00CC0423 /* MXStoreTests.m */; }; 3256E3811DCB91EB003C9718 /* MXCryptoConstants.h in Headers */ = {isa = PBXBuildFile; fileRef = 3256E37F1DCB91EB003C9718 /* MXCryptoConstants.h */; settings = {ATTRIBUTES = (Public, ); }; }; 3256E3821DCB91EB003C9718 /* MXCryptoConstants.m in Sources */ = {isa = PBXBuildFile; fileRef = 3256E3801DCB91EB003C9718 /* MXCryptoConstants.m */; }; + 32581DE823C8C0C900832EAA /* MXUserTrustLevel.h in Headers */ = {isa = PBXBuildFile; fileRef = 32581DE623C8C0C900832EAA /* MXUserTrustLevel.h */; settings = {ATTRIBUTES = (Public, ); }; }; + 32581DE923C8C0C900832EAA /* MXUserTrustLevel.h in Headers */ = {isa = PBXBuildFile; fileRef = 32581DE623C8C0C900832EAA /* MXUserTrustLevel.h */; settings = {ATTRIBUTES = (Public, ); }; }; + 32581DEA23C8C0C900832EAA /* MXUserTrustLevel.m in Sources */ = {isa = PBXBuildFile; fileRef = 32581DE723C8C0C900832EAA /* MXUserTrustLevel.m */; }; + 32581DEB23C8C0C900832EAA /* MXUserTrustLevel.m in Sources */ = {isa = PBXBuildFile; fileRef = 32581DE723C8C0C900832EAA /* MXUserTrustLevel.m */; }; 3259CD531DF860C300186944 /* MXRealmCryptoStore.h in Headers */ = {isa = PBXBuildFile; fileRef = 3259CD511DF860C300186944 /* MXRealmCryptoStore.h */; settings = {ATTRIBUTES = (Public, ); }; }; 3259CD541DF860C300186944 /* MXRealmCryptoStore.m in Sources */ = {isa = PBXBuildFile; fileRef = 3259CD521DF860C300186944 /* MXRealmCryptoStore.m */; }; 3259CFE626026A6F00C365DB /* MXRestClient+Extensions.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3259CFE526026A6F00C365DB /* MXRestClient+Extensions.swift */; }; 
@@ -872,7 +876,7 @@ B14EF1E32397E90400758AF0 /* MXCall.m in Sources */ = {isa = PBXBuildFile; fileRef = 3245A74D1AF7B2930001D8A7 /* MXCall.m */; }; B14EF1E42397E90400758AF0 /* MXWellknownIntegrations.m in Sources */ = {isa = PBXBuildFile; fileRef = 32CF439C2371AF9500907C56 /* MXWellknownIntegrations.m */; }; B14EF1E52397E90400758AF0 /* MXLoginPolicy.m in Sources */ = {isa = PBXBuildFile; fileRef = 3275FD9B21A6B60B00B9C13D /* MXLoginPolicy.m */; }; - B14EF1E62397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; + B14EF1E62397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; B14EF1E72397E90400758AF0 /* MXRoomThirdPartyInvite.m in Sources */ = {isa = PBXBuildFile; fileRef = 327F8DB11C6112BA00581CA3 /* MXRoomThirdPartyInvite.m */; }; B14EF1E82397E90400758AF0 /* MXRoomPowerLevels.m in Sources */ = {isa = PBXBuildFile; fileRef = B17982F42119E4A2001FD722 /* MXRoomPowerLevels.m */; }; B14EF1E92397E90400758AF0 /* MXRealmMediaScanMapper.m in Sources */ = {isa = PBXBuildFile; fileRef = B146D4DE21A5AEF100D8C2C6 /* MXRealmMediaScanMapper.m */; }; 
@@ -929,7 +933,7 @@ B14EF21D2397E90400758AF0 /* MXEncryptedContentKey.m in Sources */ = {isa = PBXBuildFile; fileRef = 021AFBA12179E91800742B2C /* MXEncryptedContentKey.m */; }; B14EF21E2397E90400758AF0 /* MXEventDecryptionResult.m in Sources */ = {isa = PBXBuildFile; fileRef = 32F634AA1FC5E3470054EF49 /* MXEventDecryptionResult.m */; }; B14EF21F2397E90400758AF0 /* MXMyUser.m in Sources */ = {isa = PBXBuildFile; fileRef = 327137261A24D50A00DB6757 /* MXMyUser.m */; }; - B14EF2202397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; + B14EF2202397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; B14EF2212397E90400758AF0 /* MX3PID.swift in Sources */ = {isa = PBXBuildFile; fileRef = C6F935831E5B3BE600FC34BF /* MX3PID.swift */; }; B14EF2222397E90400758AF0 /* MXMediaScan.m in Sources */ = {isa = PBXBuildFile; fileRef = B146D47621A5950800D8C2C6 /* MXMediaScan.m */; }; B14EF2232397E90400758AF0 /* MXEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = C6F935861E5B3BE600FC34BF /* MXEvent.swift */; }; 
@@ -944,7 +948,7 @@ B14EF22C2397E90400758AF0 /* MXAccountData.m in Sources */ = {isa = PBXBuildFile; fileRef = 3264DB901CEC528D00B99881 /* MXAccountData.m */; }; B14EF22D2397E90400758AF0 /* MXRealmReactionCount.m in Sources */ = {isa = PBXBuildFile; fileRef = 32133018228B010C0070BA9B /* MXRealmReactionCount.m */; }; B14EF22E2397E90400758AF0 /* MXCryptoTools.m in Sources */ = {isa = PBXBuildFile; fileRef = 3250E7C9220C913900736CB5 /* MXCryptoTools.m */; }; - B14EF22F2397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; + B14EF22F2397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; B14EF2302397E90400758AF0 /* MXDeviceListOperation.m in Sources */ = {isa = PBXBuildFile; fileRef = 322691311E5EF77D00966A6E /* MXDeviceListOperation.m */; }; B14EF2312397E90400758AF0 /* MX3PidAddSession.m in Sources */ = {isa = PBXBuildFile; fileRef = 32D2CBFF23422462002BD8CA /* MX3PidAddSession.m */; }; B14EF2322397E90400758AF0 /* MXBugReportRestClient.m in Sources */ = {isa = PBXBuildFile; fileRef = 3283F7771EAF30F700C1688C /* MXBugReportRestClient.m */; }; 
@@ -988,7 +992,7 @@ B14EF25B2397E90400758AF0 /* MXSession.m in Sources */ = {isa = PBXBuildFile; fileRef = 320DFDD119DD99B60068622A /* MXSession.m */; }; B14EF25C2397E90400758AF0 /* MXRoomTombStoneContent.m in Sources */ = {isa = PBXBuildFile; fileRef = B17982EE2119E49F001FD722 /* MXRoomTombStoneContent.m */; }; B14EF25D2397E90400758AF0 /* MXImage.swift in Sources */ = {isa = PBXBuildFile; fileRef = C602B58D1F22A8D700B67D87 /* MXImage.swift */; }; - B14EF25E2397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; + B14EF25E2397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; B14EF25F2397E90400758AF0 /* MXServerNoticeContent.m in Sources */ = {isa = PBXBuildFile; fileRef = 32954018216385F100E300FC /* MXServerNoticeContent.m */; }; B14EF2602397E90400758AF0 /* MXContentScanResult.m in Sources */ = {isa = PBXBuildFile; fileRef = 02CAD434217DD12F0074700B /* MXContentScanResult.m */; }; B14EF2612397E90400758AF0 /* MXRealmAggregationsStore.m in Sources */ = {isa = PBXBuildFile; fileRef = 32133014228AF4EF0070BA9B /* MXRealmAggregationsStore.m */; }; 
@@ -1026,7 +1030,7 @@ B14EF2822397E90400758AF0 /* MXDeviceList.m in Sources */ = {isa = PBXBuildFile; fileRef = 32637ED31E5B00400011E20D /* MXDeviceList.m */; }; B14EF2832397E90400758AF0 /* MXRoomCreateContent.m in Sources */ = {isa = PBXBuildFile; fileRef = B17982F22119E4A1001FD722 /* MXRoomCreateContent.m */; }; B14EF2842397E90400758AF0 /* MXUIKitBackgroundModeHandler.m in Sources */ = {isa = PBXBuildFile; fileRef = 32A9E8231EF4026E0081358A /* MXUIKitBackgroundModeHandler.m */; }; - B14EF2852397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; + B14EF2852397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; B14EF2862397E90400758AF0 /* MXRealmMediaScanStore.m in Sources */ = {isa = PBXBuildFile; fileRef = B146D4F521A5BB9F00D8C2C6 /* MXRealmMediaScanStore.m */; }; B14EF2872397E90400758AF0 /* MXPusherData.m in Sources */ = {isa = PBXBuildFile; fileRef = 32999DE222DCD1AD004FF987 /* MXPusherData.m */; }; B14EF2882397E90400758AF0 /* MXOlmDevice.m in Sources */ = {isa = PBXBuildFile; fileRef = 322A51C61D9BBD3C00C8536D /* MXOlmDevice.m */; }; 
@@ -1846,8 +1850,6 @@ ED356530281153480002BF6A /* MXMegolmSessionDataUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED35652E281153480002BF6A /* MXMegolmSessionDataUnitTests.swift */; }; ED36ED8628DD9E2200C86416 /* MXCryptoKeyBackupEngine.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED36ED8528DD9E2100C86416 /* MXCryptoKeyBackupEngine.swift */; }; ED36ED8728DD9E2200C86416 /* MXCryptoKeyBackupEngine.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED36ED8528DD9E2100C86416 /* MXCryptoKeyBackupEngine.swift */; }; - ED3C934229C0CD39008E3C5D /* MXTrustSummary.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED3C934129C0CD39008E3C5D /* MXTrustSummary.swift */; }; - ED3C934329C0CD39008E3C5D /* MXTrustSummary.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED3C934129C0CD39008E3C5D /* MXTrustSummary.swift */; }; ED4114E8292E496C00728459 /* MXBackgroundCrypto.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED4114E7292E496C00728459 /* MXBackgroundCrypto.swift */; }; ED4114E9292E496C00728459 /* MXBackgroundCrypto.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED4114E7292E496C00728459 /* MXBackgroundCrypto.swift */; }; ED4114EB292E498100728459 /* MXBackgroundCryptoV2.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED4114EA292E498100728459 /* MXBackgroundCryptoV2.swift */; }; 
@@ -1977,10 +1979,6 @@ ED76A4AE28EDA2CE00036FF0 /* MXKeyVerificationStateResolver.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED76A4AC28EDA2CE00036FF0 /* MXKeyVerificationStateResolver.swift */; }; ED79B9852940BB45008952F6 /* MXToDevicePayloadUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED79B9842940BB45008952F6 /* MXToDevicePayloadUnitTests.swift */; }; ED79B9862940BB45008952F6 /* MXToDevicePayloadUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED79B9842940BB45008952F6 /* MXToDevicePayloadUnitTests.swift */; }; - ED7AA21729C31DDE001293AA /* MXTrustSummaryUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED7AA21629C31DDE001293AA /* MXTrustSummaryUnitTests.swift */; }; - ED7AA21829C31DDE001293AA /* MXTrustSummaryUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED7AA21629C31DDE001293AA /* MXTrustSummaryUnitTests.swift */; }; - ED7AA21D29C34A1C001293AA /* MXCrossSigningInfo_v0 in Resources */ = {isa = PBXBuildFile; fileRef = ED7AA21C29C34A1C001293AA /* MXCrossSigningInfo_v0 */; }; - ED7AA21E29C34A1C001293AA /* MXCrossSigningInfo_v0 in Resources */ = {isa = PBXBuildFile; fileRef = ED7AA21C29C34A1C001293AA /* MXCrossSigningInfo_v0 */; }; ED825F8F29014EDA006A614E /* MXSession+LegacyCrypto.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED825F8E29014EDA006A614E /* MXSession+LegacyCrypto.swift */; }; ED825F9029014EDA006A614E /* MXSession+LegacyCrypto.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED825F8E29014EDA006A614E /* MXSession+LegacyCrypto.swift */; }; ED88999127F2065D00718486 /* MXRoomAliasResolution.h in Headers */ = {isa = PBXBuildFile; fileRef = ED88998F27F2065C00718486 /* MXRoomAliasResolution.h */; settings = {ATTRIBUTES = (Public, ); }; }; 
@@ -2007,10 +2005,10 @@ EDA69341290BA92E00223252 /* MXCryptoMachineUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDA6933F290BA92E00223252 /* MXCryptoMachineUnitTests.swift */; }; EDAAC41928E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDAAC41828E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift */; }; EDAAC41A28E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDAAC41828E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift */; }; - EDAAC41C28E30F3C00DD89B5 /* (null) in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; - EDAAC41D28E30F3C00DD89B5 /* (null) in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; - EDAAC41F28E30F4C00DD89B5 /* (null) in Sources */ = {isa = PBXBuildFile; }; - EDAAC42028E30F4C00DD89B5 /* (null) in Sources */ = {isa = PBXBuildFile; }; + EDAAC41C28E30F3C00DD89B5 /* BuildFile in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; + EDAAC41D28E30F3C00DD89B5 /* BuildFile in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; + EDAAC41F28E30F4C00DD89B5 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; + EDAAC42028E30F4C00DD89B5 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; EDAAC42128E3174700DD89B5 /* MXCryptoSecretStore.h in Headers */ = {isa = PBXBuildFile; fileRef = EDAAC41228E2F86800DD89B5 /* MXCryptoSecretStore.h */; settings = {ATTRIBUTES = (Public, ); }; }; EDAAC42228E3174700DD89B5 /* MXCryptoSecretStore.h in Headers */ = {isa = PBXBuildFile; fileRef = EDAAC41228E2F86800DD89B5 /* MXCryptoSecretStore.h */; settings = {ATTRIBUTES = (Public, ); }; }; EDAAC42428E3177000DD89B5 /* MXRecoveryServiceDependencies.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDAAC42328E3177000DD89B5 /* MXRecoveryServiceDependencies.swift */; }; 
@@ -2327,6 +2325,8 @@ 325653821A2E14ED00CC0423 /* MXStoreTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MXStoreTests.m; sourceTree = ""; }; 3256E37F1DCB91EB003C9718 /* MXCryptoConstants.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MXCryptoConstants.h; sourceTree = ""; }; 3256E3801DCB91EB003C9718 /* MXCryptoConstants.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MXCryptoConstants.m; sourceTree = ""; }; + 32581DE623C8C0C900832EAA /* MXUserTrustLevel.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MXUserTrustLevel.h; sourceTree = ""; }; + 32581DE723C8C0C900832EAA /* MXUserTrustLevel.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MXUserTrustLevel.m; sourceTree = ""; }; 3259CD511DF860C300186944 /* MXRealmCryptoStore.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MXRealmCryptoStore.h; sourceTree = ""; }; 3259CD521DF860C300186944 /* MXRealmCryptoStore.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MXRealmCryptoStore.m; sourceTree = ""; }; 3259CFE526026A6F00C365DB /* MXRestClient+Extensions.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "MXRestClient+Extensions.swift"; sourceTree = ""; }; 
@@ -3092,7 +3092,6 @@ ED35652B281150310002BF6A /* MXOlmInboundGroupSessionUnitTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXOlmInboundGroupSessionUnitTests.swift; sourceTree = ""; }; ED35652E281153480002BF6A /* MXMegolmSessionDataUnitTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXMegolmSessionDataUnitTests.swift; sourceTree = ""; }; ED36ED8528DD9E2100C86416 /* MXCryptoKeyBackupEngine.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MXCryptoKeyBackupEngine.swift; sourceTree = ""; }; - ED3C934129C0CD39008E3C5D /* MXTrustSummary.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXTrustSummary.swift; sourceTree = ""; }; ED4114E7292E496C00728459 /* MXBackgroundCrypto.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXBackgroundCrypto.swift; sourceTree = ""; }; ED4114EA292E498100728459 /* MXBackgroundCryptoV2.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXBackgroundCryptoV2.swift; sourceTree = ""; }; ED4114ED292E49C000728459 /* MXLegacyBackgroundCrypto.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXLegacyBackgroundCrypto.swift; sourceTree = ""; }; 
@@ -3156,8 +3155,6 @@ ED751DAD28EDEC7E003748C3 /* MXKeyVerificationStateResolverUnitTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXKeyVerificationStateResolverUnitTests.swift; sourceTree = ""; }; ED76A4AC28EDA2CE00036FF0 /* MXKeyVerificationStateResolver.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXKeyVerificationStateResolver.swift; sourceTree = ""; }; ED79B9842940BB45008952F6 /* MXToDevicePayloadUnitTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXToDevicePayloadUnitTests.swift; sourceTree = ""; }; - ED7AA21629C31DDE001293AA /* MXTrustSummaryUnitTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXTrustSummaryUnitTests.swift; sourceTree = ""; }; - ED7AA21C29C34A1C001293AA /* MXCrossSigningInfo_v0 */ = {isa = PBXFileReference; lastKnownFileType = file.bplist; path = MXCrossSigningInfo_v0; sourceTree = ""; }; ED825F8E29014EDA006A614E /* MXSession+LegacyCrypto.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MXSession+LegacyCrypto.swift"; sourceTree = ""; }; ED88998F27F2065C00718486 /* MXRoomAliasResolution.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MXRoomAliasResolution.h; sourceTree = ""; }; ED88999027F2065D00718486 /* MXRoomAliasResolution.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MXRoomAliasResolution.m; sourceTree = ""; }; 
@@ -3497,7 +3494,8 @@ children = ( 32261B8823C74A230018F1E2 /* MXDeviceTrustLevel.h */, 32261B8923C74A230018F1E2 /* MXDeviceTrustLevel.m */, - ED3C934129C0CD39008E3C5D /* MXTrustSummary.swift */, + 32581DE623C8C0C900832EAA /* MXUserTrustLevel.h */, + 32581DE723C8C0C900832EAA /* MXUserTrustLevel.m */, B14766B523D9D9410091F721 /* MXUsersTrustLevelSummary.h */, B14766B623D9D9410091F721 /* MXUsersTrustLevelSummary.m */, EDD578DD2881C37C006739DD /* MXTrustLevelSource.swift */, @@ -5727,7 +5725,6 @@ ED8F1D1528857FDA00F897E7 /* Data */ = { isa = PBXGroup; children = ( - ED7AA21C29C34A1C001293AA /* MXCrossSigningInfo_v0 */, ED8F1D1628857FE600F897E7 /* MXCrossSigningInfoUnitTests.swift */, ); path = Data; @@ -5776,7 +5773,6 @@ isa = PBXGroup; children = ( ED8F1D2F2885AB0300F897E7 /* MXTrustLevelSourceUnitTests.swift */, - ED7AA21629C31DDE001293AA /* MXTrustSummaryUnitTests.swift */, ); path = Trust; sourceTree = ""; @@ -5882,6 +5878,7 @@ 32114A8F1A262ECB00FF2EC4 /* MXNoStore.h in Headers */, 32D776811A27877300FC4AA2 /* MXMemoryRoomStore.h in Headers */, B146D4E621A5AEF200D8C2C6 /* MXRealmMediaScan.h in Headers */, + 32581DE823C8C0C900832EAA /* MXUserTrustLevel.h in Headers */, B146D4EF21A5AF7F00D8C2C6 /* MXRealmEventScan.h in Headers */, B146D49C21A5A04300D8C2C6 /* MXMediaScanStoreDelegate.h in Headers */, 32322A4B1E575F65005DD155 /* MXAllowedCertificates.h in Headers */, @@ -5923,7 +5920,7 @@ B146D47421A5945800D8C2C6 /* MXAntivirusScanStatus.h in Headers */, 322691361E5EFF8700966A6E /* MXDeviceListOperationsPool.h in Headers */, 3281E8B719E42DFE00976E1A /* MXJSONModel.h in Headers */, - EDAAC41C28E30F3C00DD89B5 /* (null) in Headers */, + EDAAC41C28E30F3C00DD89B5 /* BuildFile in Headers */, B135066127E9CB6400BD3276 /* MXBeaconInfo.h in Headers */, EC5C562827A36EDB0014CBE9 /* MXInReplyTo.h in Headers */, EC8A539325B1BC77004E0802 /* MXCallSessionDescription.h in Headers */, 
@@ -6294,6 +6291,7 @@ B14EF2A62397E90400758AF0 /* MXAggregations.h in Headers */, 8EC511052568216B00EC4E5B /* MXTaggedEventInfo.h in Headers */, B14EF2A72397E90400758AF0 /* MXPushRuleConditionChecker.h in Headers */, + 32581DE923C8C0C900832EAA /* MXUserTrustLevel.h in Headers */, EC403835289A672A0067D5B8 /* MXAes256BackupAuthData.h in Headers */, B14EF2A82397E90400758AF0 /* MXServiceTermsRestClient.h in Headers */, EC8A53DB25B1BCC6004E0802 /* MXThirdPartyUsersResponse.h in Headers */, @@ -6546,7 +6544,7 @@ 324AAC7E2399143400380A66 /* MXKeyVerificationCancel.h in Headers */, ED01915528C64E0400ED3A69 /* MXRoomKeyEventContent.h in Headers */, B14EF3372397E90400758AF0 /* MXRoomTombStoneContent.h in Headers */, - EDAAC41D28E30F3C00DD89B5 /* (null) in Headers */, + EDAAC41D28E30F3C00DD89B5 /* BuildFile in Headers */, 3274538B23FD918800438328 /* MXKeyVerificationByToDeviceRequest.h in Headers */, B14EF3382397E90400758AF0 /* MXFilterObject.h in Headers */, B14EF3392397E90400758AF0 /* MXRealmReactionCount.h in Headers */, @@ -6764,7 +6762,6 @@ isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; files = ( - ED7AA21D29C34A1C001293AA /* MXCrossSigningInfo_v0 in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -6785,7 +6782,6 @@ isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; files = ( - ED7AA21E29C34A1C001293AA /* MXCrossSigningInfo_v0 in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -7111,7 +7107,6 @@ EC0B94242718E3EE00B4D440 /* MXCoreDataRoomListDataFetcher.swift in Sources */, C6F935881E5B3BE600FC34BF /* MX3PID.swift in Sources */, B16C2458283AB10B00F5D1FE /* MXRealmBeaconInfoSummary.swift in Sources */, - ED3C934229C0CD39008E3C5D /* MXTrustSummary.swift in Sources */, B146D47821A5950800D8C2C6 /* MXMediaScan.m in Sources */, 3A108AA425810FE5005EEBE9 /* MXRawDataKey.m in Sources */, C6F9358A1E5B3BE600FC34BF /* MXEvent.swift in Sources */, 
@@ -7119,6 +7114,7 @@ 329E808D224E2E1B00A48C3A /* MXOutgoingSASTransaction.m in Sources */, 1838927A2702F553003F0C4F /* MXSendReplyEventDefaultStringLocalizer.m in Sources */, EC0B941E27186C3500B4D440 /* MXRoomListDataSortable.swift in Sources */, + 32581DEA23C8C0C900832EAA /* MXUserTrustLevel.m in Sources */, 66AC9D25278CE627002E9B8F /* MXRefreshTokenData.m in Sources */, 3271878A1DA7DCE50071C818 /* MXOlmEncryption.m in Sources */, 327187861DA7D0220071C818 /* MXOlmDecryption.m in Sources */, @@ -7302,7 +7298,7 @@ ED6DABFC28C7542800ECDCB6 /* MXRoomKeyInfoFactory.swift in Sources */, B11556EE230C45C600B2A2CF /* MXIdentityServerRestClient.swift in Sources */, ED5EF145297AB1F200A5ADDA /* MXRoomEventEncryption.swift in Sources */, - EDAAC41F28E30F4C00DD89B5 /* (null) in Sources */, + EDAAC41F28E30F4C00DD89B5 /* BuildFile in Sources */, 321CFDE722525A49004D31DF /* MXSASTransaction.m in Sources */, EDDBA7F0293F353900AD1480 /* MXToDevicePayload.swift in Sources */, 32720D9D222EAA6F0086FFF5 /* MXDiscoveredClientConfig.m in Sources */, @@ -7466,7 +7462,6 @@ ECB6FA8E267CFF4300A941E4 /* MXCredentialsUnitTests.swift in Sources */, ED7019F52886CA6C00FC31B9 /* MXKeyVerificationRequestV2UnitTests.swift in Sources */, ED6DAC1128C788A700ECDCB6 /* MXRoomKeyInfoFactoryUnitTests.swift in Sources */, - ED7AA21729C31DDE001293AA /* MXTrustSummaryUnitTests.swift in Sources */, 3A108E6725826F52005EEBE9 /* MXKeyProviderUnitTests.m in Sources */, 3A858DE8275511A4006322C1 /* MXRoomAliasAvailabilityCheckerResultTests.swift in Sources */, EC116593270FB6970089FA56 /* MXBackgroundTaskUnitTests.swift in Sources */, 
@@ -7614,7 +7609,7 @@ EC1165B527107E330089FA56 /* MXStoreRoomListDataManager.swift in Sources */, 66836ABA27CFA17200515780 /* MXLiveEventListener.swift in Sources */, B14EF1E52397E90400758AF0 /* MXLoginPolicy.m in Sources */, - B14EF1E62397E90400758AF0 /* (null) in Sources */, + B14EF1E62397E90400758AF0 /* BuildFile in Sources */, B18D23F727ECF199004C4277 /* MXLocationService.swift in Sources */, EC60EDB5265CFE6200B39A4E /* MXRoomSyncEphemeral.m in Sources */, B14EF1E72397E90400758AF0 /* MXRoomThirdPartyInvite.m in Sources */, @@ -7697,6 +7692,7 @@ B14EF2032397E90400758AF0 /* MXMegolmEncryption.m in Sources */, B14EECDA2577DE7B00448735 /* MXLoginSSOIdentityProvider.m in Sources */, B14EF2042397E90400758AF0 /* MXIncomingRoomKeyRequest.m in Sources */, + 32581DEB23C8C0C900832EAA /* MXUserTrustLevel.m in Sources */, EC0C51752559388C00F2CC66 /* MXStopwatch.swift in Sources */, EC403855289ACF5E0067D5B8 /* MXKeyBackupPreparationInfo.m in Sources */, 3259D0092603705300C365DB /* Array.swift in Sources */, @@ -7754,7 +7750,7 @@ B14EF21F2397E90400758AF0 /* MXMyUser.m in Sources */, EDAAC42528E3177300DD89B5 /* MXRecoveryServiceDependencies.swift in Sources */, EC60EDAB265CFE3B00B39A4E /* MXRoomSyncTimeline.m in Sources */, - B14EF2202397E90400758AF0 /* (null) in Sources */, + B14EF2202397E90400758AF0 /* BuildFile in Sources */, ED647E3F292CE64400A47519 /* MXSessionStartupProgress.swift in Sources */, B14EF2212397E90400758AF0 /* MX3PID.swift in Sources */, 18121F79273E6E4100B68ADF /* PollBuilder.swift in Sources */, 
@@ -7782,7 +7778,6 @@ B14EF22A2397E90400758AF0 /* MXReplyEventFormattedBodyParts.m in Sources */, ECD2899626EB3B4200F268CF /* MXStoreRoomListDataFetcher.swift in Sources */, B16C2459283AB10B00F5D1FE /* MXRealmBeaconInfoSummary.swift in Sources */, - ED3C934329C0CD39008E3C5D /* MXTrustSummary.swift in Sources */, 324AAC7A2399140D00380A66 /* MXKeyVerificationMac.m in Sources */, B14EF22B2397E90400758AF0 /* MXFileStoreMetaData.m in Sources */, EC8A53A825B1BC77004E0802 /* MXCallCapabilitiesModel.m in Sources */, @@ -7794,7 +7789,7 @@ B18B0E6825FBDC3000E32151 /* MXSpace.swift in Sources */, B14EF22D2397E90400758AF0 /* MXRealmReactionCount.m in Sources */, B14EF22E2397E90400758AF0 /* MXCryptoTools.m in Sources */, - B14EF22F2397E90400758AF0 /* (null) in Sources */, + B14EF22F2397E90400758AF0 /* BuildFile in Sources */, B14EF2302397E90400758AF0 /* MXDeviceListOperation.m in Sources */, 32C78B6B256CFC4D008130B1 /* MXCryptoMigration.m in Sources */, ECDA763027B292B5000C48CF /* MXThreadModel.swift in Sources */, @@ -7912,7 +7907,7 @@ B14EF25C2397E90400758AF0 /* MXRoomTombStoneContent.m in Sources */, B1432B52282AB29A00737CA6 /* MXBeaconInfoSummaryAllRoomListener.swift in Sources */, B14EF25D2397E90400758AF0 /* MXImage.swift in Sources */, - B14EF25E2397E90400758AF0 /* (null) in Sources */, + B14EF25E2397E90400758AF0 /* BuildFile in Sources */, 32B090E3261F709B002924AA /* MXAsyncTaskQueue.swift in Sources */, B14EF25F2397E90400758AF0 /* MXServerNoticeContent.m in Sources */, B1F04B112811E7B600103EBE /* MXBeaconInfoSummaryMemoryStore.swift in Sources */, 
@@ -7974,7 +7969,7 @@ ED6DABFD28C7542800ECDCB6 /* MXRoomKeyInfoFactory.swift in Sources */, B14EF2782397E90400758AF0 /* MXTransactionCancelCode.m in Sources */, ED5EF146297AB1F200A5ADDA /* MXRoomEventEncryption.swift in Sources */, - EDAAC42028E30F4C00DD89B5 /* (null) in Sources */, + EDAAC42028E30F4C00DD89B5 /* BuildFile in Sources */, B14EF2792397E90400758AF0 /* MXEventListener.m in Sources */, EDDBA7F1293F353900AD1480 /* MXToDevicePayload.swift in Sources */, B1710B202613D01400A9B429 /* MXSpaceChildrenRequestParameters.swift in Sources */, @@ -8011,7 +8006,7 @@ EC60ED7E265CFCD100B39A4E /* MXDeviceListResponse.m in Sources */, 323F879025553D84009E9E67 /* MXTaskProfile.m in Sources */, B14EF2842397E90400758AF0 /* MXUIKitBackgroundModeHandler.m in Sources */, - B14EF2852397E90400758AF0 /* (null) in Sources */, + B14EF2852397E90400758AF0 /* BuildFile in Sources */, 32A9F8E1244720B10069C65B /* MXThrottler.m in Sources */, 3274538D23FD918800438328 /* MXKeyVerificationByToDeviceRequest.m in Sources */, 32CEEF5223B0AB030039BA98 /* MXCrossSigning.m in Sources */, @@ -8138,7 +8133,6 @@ B1E09A462397FD990057C069 /* MXMediaScanStoreUnitTests.m in Sources */, ED7019F62886CA6C00FC31B9 /* MXKeyVerificationRequestV2UnitTests.swift in Sources */, ED6DAC1228C788A700ECDCB6 /* MXRoomKeyInfoFactoryUnitTests.swift in Sources */, - ED7AA21829C31DDE001293AA /* MXTrustSummaryUnitTests.swift in Sources */, ECB6FA8F267CFF4300A941E4 /* MXCredentialsUnitTests.swift in Sources */, 3A858DE9275511A4006322C1 /* MXRoomAliasAvailabilityCheckerResultTests.swift in Sources */, ED7019DF2886C25600FC31B9 /* MXDeviceInfoUnitTests.swift in Sources */, diff --git a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.h b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.h index f312846d1a..e366bb3ca8 100644 --- a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.h +++ b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.h 
@@ -17,6 +17,7 @@ #import #import "MXCrossSigningKey.h" +#import "MXUserTrustLevel.h" @class MXCryptoUserIdentityWrapper; @@ -55,7 +56,7 @@ extern NSString *const MXCrossSigningInfoTrustLevelDidChangeNotification; #pragma mark - Additional information -@property (nonatomic, readonly) BOOL isVerified; +@property (nonatomic, readonly) MXUserTrustLevel *trustLevel; @end diff --git a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m index a717799ed0..90d99fefb2 100644 --- a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m +++ b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m @@ -21,38 +21,6 @@ NSString *const MXCrossSigningInfoTrustLevelDidChangeNotification = @"MXCrossSigningInfoTrustLevelDidChangeNotification"; -#pragma mark - Deprecated user trust - -/** - Deprecated model of user trust that distinguished local vs cross-signing verification - - This model is no longer used and is replaced by a combined `isVerified` property on `MXCrossSigningInfo`. - For backwards compatibility (reading archived values) the model needs to be kept around, albeit as private only. - */ -@interface MXDeprecatedUserTrustLevel : NSObject -@property (nonatomic, readonly) BOOL isCrossSigningVerified; -@end - -@implementation MXDeprecatedUserTrustLevel -- (id)initWithCoder:(NSCoder *)aDecoder -{ - self = [super init]; - if (self) - { - // We ignore `isLocallyVerified` field and only consider `isCrossSigningVerified` - _isCrossSigningVerified = [aDecoder decodeBoolForKey:@"isCrossSigningVerified"]; - } - return self; -} - -- (void)encodeWithCoder:(NSCoder *)aCoder -{ - MXLogFailure(@"[MXDeprecatedUserTrustLevel] encode: This model should only be used for decoding existing data, not encoding new data"); -} -@end - -#pragma mark - CrossSigningInfo - @implementation MXCrossSigningInfo - (instancetype)initWithUserIdentity:(MXCryptoUserIdentityWrapper *)userIdentity 
@@ -75,7 +43,7 @@ - (instancetype)initWithUserIdentity:(MXCryptoUserIdentityWrapper *)userIdentity keys[MXCrossSigningKeyType.userSigning] = userIdentity.userSignedKeys; } _keys = keys.copy; - _isVerified = userIdentity.isVerified; + _trustLevel = userIdentity.trustLevel; } return self; } @@ -124,22 +92,7 @@ - (id)initWithCoder:(NSCoder *)aDecoder { _userId = [aDecoder decodeObjectForKey:@"userId"]; _keys = [aDecoder decodeObjectForKey:@"keys"]; - - // Initial version (i.e. version 0) of the model stored user trust via `MXUserTrustLevel` submodel. - // If we are reading this version out we need to decode verification state from this model before - // migrating it over to `isVerified` - NSInteger version = [aDecoder decodeIntegerForKey:@"version"]; - if (version == 0) - { - [NSKeyedUnarchiver setClass:MXDeprecatedUserTrustLevel.class forClassName:@"MXUserTrustLevel"]; - MXDeprecatedUserTrustLevel *trust = [aDecoder decodeObjectForKey:@"trustLevel"]; - // Only convert cross-signed verification status, not local verification status - _isVerified = trust.isCrossSigningVerified; - } - else - { - _isVerified = [aDecoder decodeBoolForKey:@"isVerified"]; - } + _trustLevel = [aDecoder decodeObjectForKey:@"trustLevel"]; } return self; } @@ -148,8 +101,7 @@ - (void)encodeWithCoder:(NSCoder *)aCoder { [aCoder encodeObject:_userId forKey:@"userId"]; [aCoder encodeObject:_keys forKey:@"keys"]; - [aCoder encodeBool:_isVerified forKey:@"isVerified"]; - [aCoder encodeInteger:1 forKey:@"version"]; + [aCoder encodeObject:_trustLevel forKey:@"trustLevel"]; } 
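Review bot: In the `initWithCoder:` hunk, `_trustLevel = [aDecoder decodeObjectForKey:@"trustLevel"];` yields nil for any archive written by the code being reverted, because that code's `encodeWithCoder:` stored only `isVerified` and `version` and no `trustLevel` key. Objective-C callers messaging the nil object read NO, so a previously verified user silently becomes unverified, and the header declares `trustLevel` without a `nullable` marker, so callers have no hint that it can be absent. I would make the fallback explicit and check the decoded type, e.g. `id decoded = [aDecoder decodeObjectForKey:@"trustLevel"];` followed by `_trustLevel = [decoded isKindOfClass:MXUserTrustLevel.class] ? decoded : [MXUserTrustLevel new];`, with a comment saying that a missing or unexpected value is treated as unverified. The `encodeWithCoder:` hunk on the same line also stops writing the `version` key, so a later migration cannot tell the two archive formats apart. Both method bodies begin outside these hunks.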
@@ -161,23 +113,31 @@ - (instancetype)initWithUserId:(NSString *)userId if (self) { _userId = userId; - _isVerified = NO; + _trustLevel = [MXUserTrustLevel new]; } return self; } -- (void)setIsVerified:(BOOL)isVerified +- (void)setTrustLevel:(MXUserTrustLevel*)trustLevel +{ + _trustLevel = trustLevel; +} + +- (BOOL)updateTrustLevel:(MXUserTrustLevel*)trustLevel { - if (_isVerified == isVerified) + BOOL updated = NO; + + if (![_trustLevel isEqual:trustLevel]) { - return; + _trustLevel = trustLevel; + updated = YES; + [self didUpdateTrustLevel]; } - - _isVerified = isVerified; - [self didUpdateVerificationState]; + + return updated; } -- (void)didUpdateVerificationState +- (void)didUpdateTrustLevel { dispatch_async(dispatch_get_main_queue(),^{ [[NSNotificationCenter defaultCenter] postNotificationName:MXCrossSigningInfoTrustLevelDidChangeNotification object:self userInfo:nil]; @@ -198,7 +158,7 @@ - (void)addCrossSigningKey:(MXCrossSigningKey*)crossSigningKey type:(NSString*)t - (NSString *)description { - return [NSString stringWithFormat:@" Verified: %@\nMSK: %@\nSSK: %@\nUSK: %@", self, @(self.isVerified), self.masterKeys, self.selfSignedKeys, self.userSignedKeys]; + return [NSString stringWithFormat:@" Trusted: %@\nMSK: %@\nSSK: %@\nUSK: %@", self, @(self.trustLevel.isCrossSigningVerified), self.masterKeys, self.selfSignedKeys, self.userSignedKeys]; } @end diff --git a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo_Private.h b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo_Private.h index 092538906f..bc88c50c20 100644 --- a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo_Private.h +++ b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo_Private.h 
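Review bot: `setTrustLevel:` and `updateTrustLevel:` in MXCrossSigningInfo.m (hunk -161,23 +113,31, declared in MXCrossSigningInfo_Private.h) differ in a way the names do not show. The first assigns silently; the second assigns only on change, posts `MXCrossSigningInfoTrustLevelDidChangeNotification` on the main queue and returns whether anything changed. A comment on each would stop the silent setter being used where observers must hear about a trust change: `/// Assigns the trust level without notifying observers.` and `/// Assigns the trust level if it differs, posts MXCrossSigningInfoTrustLevelDidChangeNotification, and returns YES when it changed.` Note also that `[_trustLevel isEqual:trustLevel]` is NO whenever `_trustLevel` is nil, so a nil-to-nil update is still reported as a change.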
@@ -23,7 +23,8 @@ NS_ASSUME_NONNULL_BEGIN - (instancetype)initWithUserId:(NSString *)userId; -- (void)setIsVerified:(BOOL)isVerified; +- (void)setTrustLevel:(MXUserTrustLevel*)trustLevel; +- (BOOL)updateTrustLevel:(MXUserTrustLevel*)trustLevel; - (void)addCrossSigningKey:(MXCrossSigningKey*)crossSigningKey type:(NSString*)type; @end diff --git a/MatrixSDK/Crypto/CrossSigning/Data/MXCryptoUserIdentityWrapper.swift b/MatrixSDK/Crypto/CrossSigning/Data/MXCryptoUserIdentityWrapper.swift index 1423bd9322..f444ca2eb2 100644 --- a/MatrixSDK/Crypto/CrossSigning/Data/MXCryptoUserIdentityWrapper.swift +++ b/MatrixSDK/Crypto/CrossSigning/Data/MXCryptoUserIdentityWrapper.swift @@ -27,7 +27,7 @@ import MatrixSDKCrypto public let masterKeys: MXCrossSigningKey? public let selfSignedKeys: MXCrossSigningKey? public let userSignedKeys: MXCrossSigningKey? - public let isVerified: Bool + public let trustLevel: MXUserTrustLevel internal init(identity: UserIdentity, isVerified: Bool) { switch identity { @@ -43,7 +43,13 @@ import MatrixSDKCrypto self.selfSignedKeys = .init(jsonString: selfSigningKey) self.userSignedKeys = nil } - self.isVerified = isVerified + + // `MatrixSDKCrypto` does not distinguish local and cross-signed + // verification status for users + trustLevel = MXUserTrustLevel( + crossSigningVerified: isVerified, + locallyVerified: isVerified + ) } } diff --git a/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m b/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m index c53ba4849f..fc077033e3 100644 --- a/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m +++ b/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m 
@@ -135,7 +135,7 @@ - (void)setupWithAuthParams:(NSDictionary*)authParams [self.crypto.matrixRestClient uploadDeviceSigningKeys:signingKeys authParams:authParams success:^{ // Store our user's keys - [keys setIsVerified:YES]; + [keys updateTrustLevel:[MXUserTrustLevel trustLevelWithCrossSigningVerified:YES locallyVerified:YES]]; [self.crypto.store storeCrossSigningKeys:keys]; // Cross-signing is bootstrapped @@ -585,7 +585,7 @@ - (BOOL)isDeviceVerified:(MXDeviceInfo*)device BOOL isDeviceVerified = NO; MXCrossSigningInfo *userCrossSigning = [self.crypto.store crossSigningKeysForUser:device.userId]; - BOOL isUserVerified = [self.crypto isUserVerified:device.userId]; + MXUserTrustLevel *userTrustLevel = [self.crypto trustLevelForUser:device.userId]; MXCrossSigningKey *userSSK = userCrossSigning.selfSignedKeys; if (!userSSK) @@ -610,7 +610,7 @@ - (BOOL)isDeviceVerified:(MXDeviceInfo*)device // ...then we trust this device as much as far as we trust the user if (userSSKVerify && deviceVerify) { - isDeviceVerified = isUserVerified; + isDeviceVerified = userTrustLevel.isCrossSigningVerified; } return isDeviceVerified; 
@@ -685,14 +685,17 @@ - (void)resetTrust for (MXCrossSigningInfo *crossSigningInfo in self.crypto.store.crossSigningKeys) { BOOL isCrossSigningVerified = [self isUserWithCrossSigningKeysVerified:crossSigningInfo]; - if (crossSigningInfo.isVerified != isCrossSigningVerified) + if (crossSigningInfo.trustLevel.isCrossSigningVerified != isCrossSigningVerified) { MXLogDebug(@"[MXCrossSigning] resetTrust: Change trust for %@: %@ -> %@", crossSigningInfo.userId, - @(crossSigningInfo.isVerified), + @(crossSigningInfo.trustLevel.isCrossSigningVerified), @(isCrossSigningVerified)); - [crossSigningInfo setIsVerified:isCrossSigningVerified]; - [self.crypto.store storeCrossSigningKeys:crossSigningInfo]; + MXUserTrustLevel *newTrustLevel = [MXUserTrustLevel trustLevelWithCrossSigningVerified:isCrossSigningVerified locallyVerified:crossSigningInfo.trustLevel.isLocallyVerified]; + if ([crossSigningInfo updateTrustLevel:newTrustLevel]) + { + [self.crypto.store storeCrossSigningKeys:crossSigningInfo]; + } // Update trust on associated devices [self checkTrustLevelForDevicesOfUser:crossSigningInfo.userId]; 
@@ -742,32 +745,42 @@ - (BOOL)isSelfTrusted NSString *myUserId = _crypto.mxSession.myUserId; - // Is it signed by a locally trusted device? - NSDictionary *myUserSignatures = myMasterKey.signatures.map[myUserId]; - for (NSString *publicKeyId in myUserSignatures) + // Is the master key trusted? + MXCrossSigningInfo *myCrossSigningInfo = [_crypto.store crossSigningKeysForUser:myUserId]; + if (myCrossSigningInfo && myCrossSigningInfo.trustLevel.isLocallyVerified) { - MXKey *key = [[MXKey alloc] initWithKeyFullId:publicKeyId value:myUserSignatures[publicKeyId]]; - if ([key.type isEqualToString:kMXKeyEd25519Type]) + isMasterKeyTrusted = YES; + } + else + { + // Is it signed by a locally trusted device? + NSDictionary *myUserSignatures = myMasterKey.signatures.map[myUserId]; + for (NSString *publicKeyId in myUserSignatures) { - MXDeviceInfo *device = [self.crypto.store deviceWithDeviceId:key.keyId forUser:myUserId]; - if (device && device.trustLevel.isLocallyVerified) + MXKey *key = [[MXKey alloc] initWithKeyFullId:publicKeyId value:myUserSignatures[publicKeyId]]; + if ([key.type isEqualToString:kMXKeyEd25519Type]) { - // Check signature validity - NSError *error; - isMasterKeyTrusted = [_crypto.olmDevice verifySignature:device.fingerprint JSON:myMasterKey.signalableJSONDictionary signature:key.value error:&error]; - - if (isMasterKeyTrusted) + MXDeviceInfo *device = [self.crypto.store deviceWithDeviceId:key.keyId forUser:myUserId]; + if (device && device.trustLevel.isLocallyVerified) { - break; + // Check signature validity + NSError *error; + isMasterKeyTrusted = [_crypto.olmDevice verifySignature:device.fingerprint JSON:myMasterKey.signalableJSONDictionary signature:key.value error:&error]; + + if (isMasterKeyTrusted) + { + break; + } } } } } + if (!isMasterKeyTrusted) { MXLogDebug(@"[MXCrossSigning] isSelfTrusted: NO (MSK not trusted). 
MSK: %@", myMasterKey); - MXLogDebug(@"[MXCrossSigning] isSelfTrusted: My cross-signing info: %@", [self.crypto.store crossSigningKeysForUser:myUserId]); + MXLogDebug(@"[MXCrossSigning] isSelfTrusted: My cross-signing info: %@", myCrossSigningInfo); MXLogDebug(@"[MXCrossSigning] isSelfTrusted: My user devices: %@", [self.crypto.store devicesForUser:myUserId]); return NO; diff --git a/MatrixSDK/Crypto/CrossSigning/MXCrossSigningV2.swift b/MatrixSDK/Crypto/CrossSigning/MXCrossSigningV2.swift index 071d651edb..6fb1a7fb06 100644 --- a/MatrixSDK/Crypto/CrossSigning/MXCrossSigningV2.swift +++ b/MatrixSDK/Crypto/CrossSigning/MXCrossSigningV2.swift @@ -28,7 +28,7 @@ class MXCrossSigningV2: NSObject, MXCrossSigning { return .notBootstrapped } - if info.isVerified { + if info.trustLevel.isVerified { return hasAllPrivateKeys ? .canCrossSign : .trustCrossSigning } else { return .crossSigningExists @@ -217,11 +217,17 @@ class MXCrossSigningV2: NSObject, MXCrossSigning { } extension MXCrossSigningV2: MXRecoveryServiceDelegate { - func setUserVerificationForUserId( - _ userId: String, + func setUserVerification( + _ verificationStatus: Bool, + forUser userId: String, success: @escaping () -> Void, failure: @escaping (Swift.Error?) -> Void ) { + guard verificationStatus else { + log.failure("Cannot unset user trust") + failure(Error.cannotUnsetTrust) + return + } signUser(withUserId: userId, success: success, failure: failure) } } diff --git a/MatrixSDK/Crypto/Data/MXDeviceListOperationsPool.m b/MatrixSDK/Crypto/Data/MXDeviceListOperationsPool.m index ee2fc9540a..6b54fb3ada 100644 --- a/MatrixSDK/Crypto/Data/MXDeviceListOperationsPool.m +++ b/MatrixSDK/Crypto/Data/MXDeviceListOperationsPool.m 
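Review bot: In `isSelfTrusted` (MXCrossSigning.m, hunk -742,32 +745,42) the new first branch sets `isMasterKeyTrusted = YES` from the stored `trustLevel.isLocallyVerified` flag alone, while the fallback branch verifies a device signature over the master key. The shortcut is only as sound as the code paths that clear that flag when the stored keys are replaced, so it deserves a comment, e.g. `// Local verification is a persisted flag, not a signature check; it must be reset whenever the master key changes`. In the fallback, the `error` filled in by `verifySignature:JSON:signature:error:` is never read; logging it with `MXLogDebug` when the check fails would make a rejected signature diagnosable. The method body starts before and continues after the hunk.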
@@ -137,11 +137,24 @@ - (void)doKeyDownloadForUsers:(NSArray *)users token:(NSString *)tok MXLogDebug(@"[MXDeviceListOperationsPool] doKeyDownloadForUsers: Detected cross-signing keys rotation"); myUserCrossSigningKeysChanged = YES; } + + // Use current trust level + MXUserTrustLevel *oldTrustLevel = storedCrossSigningKeys.trustLevel; + if (myUserCrossSigningKeysChanged) + { + // Except if we cannot trust it anymore + oldTrustLevel = [MXUserTrustLevel new]; + } + + [crossSigningKeys setTrustLevel:oldTrustLevel]; // Compute trust on this user // Note this overwrites the previous value BOOL isCrossSigningVerified = [self.crossSigning isUserWithCrossSigningKeysVerified:crossSigningKeys]; - [crossSigningKeys setIsVerified:isCrossSigningVerified]; + MXUserTrustLevel *newTrustLevel = [MXUserTrustLevel trustLevelWithCrossSigningVerified:isCrossSigningVerified + locallyVerified:oldTrustLevel.isLocallyVerified]; + + [crossSigningKeys updateTrustLevel:newTrustLevel]; // Note that keys which aren't in the response will be removed from the store [self->crypto.store storeCrossSigningKeys:crossSigningKeys]; diff --git a/MatrixSDK/Crypto/MXCrypto.h b/MatrixSDK/Crypto/MXCrypto.h index 7f87d54fae..d638850b0d 100644 --- a/MatrixSDK/Crypto/MXCrypto.h +++ b/MatrixSDK/Crypto/MXCrypto.h 
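Review bot: In `doKeyDownloadForUsers:` (hunk -137,11 +137,24) the stored `isLocallyVerified` flag is copied onto the freshly downloaded keys unless `myUserCrossSigningKeysChanged` is set. Judging by its name and the log line above it, that flag tracks rotation of the own user's keys only; its assignment condition is outside the hunk, so this is an inference. If it holds, another user whose cross-signing keys were replaced keeps `isLocallyVerified = YES` on keys that were never verified, and `MXUserTrustLevel.isVerified` treats local verification as sufficient. I would reset the carried-over trust for any user whose downloaded keys differ from the stored ones, and state the rule in the comment: `// Carry local verification over only when the downloaded keys match the stored ones`. The enclosing block starts and ends outside the hunk.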
@@ -229,22 +229,19 @@ extern NSString *const MXDeviceListDidUpdateUsersDevicesNotification; failure:(nullable void (^)(NSError *error))failure; /** - Verify the given user via cross-signing + Update the verification state of the given user. + @param verificationStatus the new verification status. @param userId the user. @param success A block object called when the operation succeeds. @param failure A block object called when the operation fails. */ -- (void)setUserVerificationForUserId:(NSString*)userId - success:(nullable void (^)(void))success - failure:(nullable void (^)(NSError *error))failure; - -/** - Is the user verified via cross-signing - */ -- (BOOL)isUserVerified:(NSString *)userId; +- (void)setUserVerification:(BOOL)verificationStatus forUser:(NSString*)userId + success:(nullable void (^)(void))success + failure:(nullable void (^)(NSError *error))failure; +- (MXUserTrustLevel*)trustLevelForUser:(NSString*)userId; - (nullable MXDeviceTrustLevel*)deviceTrustLevelForDevice:(NSString*)deviceId ofUser:(NSString*)userId; /** diff --git a/MatrixSDK/Crypto/MXCrypto.m b/MatrixSDK/Crypto/MXCrypto.m index 268b8d1009..6066b74c7f 100644 --- a/MatrixSDK/Crypto/MXCrypto.m +++ b/MatrixSDK/Crypto/MXCrypto.m 
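Review bot: The header comment for `setUserVerification:forUser:success:failure:` in MXCrypto.h promises to update the verification state to `verificationStatus`, but the implementations on this page only accept YES (an assert in MXCrypto.m, `Error.cannotUnsetTrust` in the Swift classes). The `@param` line should say so, e.g. `@param verificationStatus must be YES; trust cannot be removed and NO is rejected.` `trustLevelForUser:` is added with no comment at all, whereas the removed `isUserVerified:` had one. Something like `/** The trust level stored for the user, or an unverified trust level if the user is unknown. */` would match the `?: [MXUserTrustLevel new]` fallback in MXCrypto.m.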
@@ -1148,13 +1148,16 @@ - (void)setDevicesKnown:(MXUsersDevicesMap *)devices complete:(v #endif } -- (void)setUserVerificationForUserId:(NSString*)userId - success:(void (^)(void))success - failure:(void (^)(NSError *error))failure +- (void)setUserVerification:(BOOL)verificationStatus forUser:(NSString*)userId + success:(void (^)(void))success + failure:(void (^)(NSError *error))failure { + // We cannot remove cross-signing trust for a user in the matrix spec + NSParameterAssert(verificationStatus); + #ifdef MX_CRYPTO dispatch_async(_cryptoQueue, ^{ - [self setUserVerificationForUserId2:userId downloadIfNeeded:YES success:success failure:failure]; + [self setUserVerification2:verificationStatus forUser:userId downloadIfNeeded:YES success:success failure:failure]; }); #else if (success) @@ -1164,10 +1167,10 @@ - (void)setUserVerificationForUserId:(NSString*)userId #endif } -- (void)setUserVerificationForUserId2:(NSString*)userId - downloadIfNeeded:(BOOL)downloadIfNeeded - success:(void (^)(void))success - failure:(void (^)(NSError *error))failure +- (void)setUserVerification2:(BOOL)verificationStatus forUser:(NSString*)userId + downloadIfNeeded:(BOOL)downloadIfNeeded + success:(void (^)(void))success + failure:(void (^)(NSError *error))failure { #ifdef MX_CRYPTO MXCrossSigningInfo *crossSigningInfo = [self.store crossSigningKeysForUser:userId]; @@ -1179,7 +1182,7 @@ - (void)setUserVerificationForUserId2:(NSString*)userId { MXLogDebug(@"[MXCrypto] setUserVerification: Unknown user. Try to download user's keys for %@", userId); [self.deviceList downloadKeys:@[userId] forceDownload:YES success:^(MXUsersDevicesMap *usersDevicesInfoMap, NSDictionary *crossSigningKeysMap) { - [self setUserVerificationForUserId2:userId downloadIfNeeded:NO success:success failure:failure]; + [self setUserVerification2:verificationStatus forUser:userId downloadIfNeeded:NO success:success failure:failure]; } failure:^(NSError *error) { if (failure) { 
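Review bot: `NSParameterAssert(verificationStatus)` in `setUserVerification:forUser:success:failure:` (MXCrypto.m, hunk -1148,13 +1148,16) is the only guard against NO, and it disappears in builds compiled with `NS_BLOCK_ASSERTIONS`. Without it, `setUserVerification2:` (hunk -1202,8 +1205,17) would clear the local flag. Because its second test is `verificationStatus != crossSigningInfo.trustLevel.isCrossSigningVerified`, it would also enter the cross-signing branch for a user who is already cross-signing verified. A runtime check that returns through `failure`, as the Swift implementations do with `Error.cannotUnsetTrust`, is safer than an assert. The second test would be clearer as `if (verificationStatus && !crossSigningInfo.trustLevel.isCrossSigningVerified)`.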
@@ -1202,8 +1205,17 @@ - (void)setUserVerificationForUserId2:(NSString*)userId return; } + // Store information locally + if (verificationStatus != crossSigningInfo.trustLevel.isLocallyVerified) + { + MXUserTrustLevel *newTrustLevel = [MXUserTrustLevel trustLevelWithCrossSigningVerified:crossSigningInfo.trustLevel.isCrossSigningVerified + locallyVerified:verificationStatus];; + [crossSigningInfo updateTrustLevel:newTrustLevel]; + [_store storeCrossSigningKeys:crossSigningInfo]; + } + // Cross-sign if possible - if (!crossSigningInfo.isVerified) + if (verificationStatus != crossSigningInfo.trustLevel.isCrossSigningVerified) { if (self.crossSigning.canCrossSign) { @@ -1233,9 +1245,9 @@ - (void)setUserVerificationForUserId2:(NSString*)userId #pragma mark - Cross-signing trust -- (BOOL)isUserVerified:(NSString *)userId +- (MXUserTrustLevel*)trustLevelForUser:(NSString*)userId { - return [self.store crossSigningKeysForUser:userId].isVerified; + return [self.store crossSigningKeysForUser:userId].trustLevel ?: [MXUserTrustLevel new]; } - (MXDeviceTrustLevel*)deviceTrustLevelForDevice:(NSString*)deviceId ofUser:(NSString*)userId; @@ -1275,7 +1287,8 @@ - (void)trustLevelSummaryForUserIds:(NSArray*)userIds onComplete:(voi { usersCount++; - if ([self isUserVerified:userId]) + MXUserTrustLevel *userTrustLevel = [self trustLevelForUser:userId]; + if (userTrustLevel.isVerified) { trustedUsersCount++; 
@@ -1290,12 +1303,14 @@ - (void)trustLevelSummaryForUserIds:(NSArray*)userIds onComplete:(voi } } - MXTrustSummary *usersTrust = [[MXTrustSummary alloc] initWithTrustedCount:trustedUsersCount - totalCount:usersCount]; - MXTrustSummary *devicesTrust = [[MXTrustSummary alloc] initWithTrustedCount:trustedDevicesCount - totalCount:devicesCount]; - MXUsersTrustLevelSummary *trustLevelSummary = [[MXUsersTrustLevelSummary alloc] initWithUsersTrust:usersTrust - devicesTrust:devicesTrust]; + NSProgress *trustedUsersProgress = [NSProgress progressWithTotalUnitCount:usersCount]; + trustedUsersProgress.completedUnitCount = trustedUsersCount; + + NSProgress *trustedDevicesProgress = [NSProgress progressWithTotalUnitCount:devicesCount]; + trustedDevicesProgress.completedUnitCount = trustedDevicesCount; + + MXUsersTrustLevelSummary *trustLevelSummary = [[MXUsersTrustLevelSummary alloc] initWithTrustedUsersProgress:trustedUsersProgress + andTrustedDevicesProgress:trustedDevicesProgress]; dispatch_async(dispatch_get_main_queue(), ^{ onComplete(trustLevelSummary); diff --git a/MatrixSDK/Crypto/MXCryptoV2.swift b/MatrixSDK/Crypto/MXCryptoV2.swift index 3dc0c67589..9482501976 100644 --- a/MatrixSDK/Crypto/MXCryptoV2.swift +++ b/MatrixSDK/Crypto/MXCryptoV2.swift @@ -421,11 +421,18 @@ class MXCryptoV2: NSObject, MXCrypto { } } - func setUserVerificationForUserId( - _ userId: String, + public func setUserVerification( + _ verificationStatus: Bool, + forUser userId: String, success: (() -> Void)?, - failure: ((Swift.Error) -> Void)?) - { + failure: ((Swift.Error) -> Void)? + ) { + guard verificationStatus else { + log.failure("Cannot unset user trust") + failure?(Error.cannotUnsetTrust) + return + } + log.debug("Signing user") crossSigning.signUser( withUserId: userId, 
@@ -438,8 +445,8 @@ class MXCryptoV2: NSObject, MXCrypto { ) } - func isUserVerified(_ userId: String) -> Bool { - return trustLevelSource.isUserVerified(userId: userId) + public func trustLevel(forUser userId: String) -> MXUserTrustLevel { + return trustLevelSource.userTrustLevel(userId: userId) } public func deviceTrustLevel(forDevice deviceId: String, ofUser userId: String) -> MXDeviceTrustLevel? { diff --git a/MatrixSDK/Crypto/Recovery/MXRecoveryService.h b/MatrixSDK/Crypto/Recovery/MXRecoveryService.h index 539b85c6e4..8c18a85a99 100644 --- a/MatrixSDK/Crypto/Recovery/MXRecoveryService.h +++ b/MatrixSDK/Crypto/Recovery/MXRecoveryService.h @@ -37,9 +37,10 @@ typedef NS_ENUM(NSInteger, MXRecoveryServiceErrorCode) }; @protocol MXRecoveryServiceDelegate -- (void)setUserVerificationForUserId:(NSString*)userId - success:(void (^)(void))success - failure:(void (^)( NSError * _Nullable error))failure; +- (void)setUserVerification:(BOOL)verificationStatus + forUser:(NSString*)userId + success:(void (^)(void))success + failure:(void (^)( NSError * _Nullable error))failure; @end /** diff --git a/MatrixSDK/Crypto/Recovery/MXRecoveryService.m b/MatrixSDK/Crypto/Recovery/MXRecoveryService.m index 655f3fa97c..37cbf8c71c 100644 --- a/MatrixSDK/Crypto/Recovery/MXRecoveryService.m +++ b/MatrixSDK/Crypto/Recovery/MXRecoveryService.m @@ -748,8 +748,8 @@ - (void)recoverCrossSigningWithSuccess:(void (^)(void))success return; } - // Mark our user MSK as verified - [self.delegate setUserVerificationForUserId:self.dependencies.credentials.userId success:^{ + // Mark our user MSK as verified locally + [self.delegate setUserVerification:YES forUser:self.dependencies.credentials.userId success:^{ // Cross sign our current device [self.dependencies.crossSigning crossSignDeviceWithDeviceId:self.dependencies.credentials.deviceId success:^{ diff --git a/MatrixSDK/Crypto/Trust/MXTrustLevelSource.swift b/MatrixSDK/Crypto/Trust/MXTrustLevelSource.swift index 8be466fa91..62d094929e 100644 
--- a/MatrixSDK/Crypto/Trust/MXTrustLevelSource.swift +++ b/MatrixSDK/Crypto/Trust/MXTrustLevelSource.swift @@ -27,8 +27,15 @@ struct MXTrustLevelSource { self.devicesSource = devicesSource } - func isUserVerified(userId: String) -> Bool { - userIdentitySource.isUserVerified(userId: userId) + func userTrustLevel(userId: String) -> MXUserTrustLevel { + let isVerified = userIdentitySource.isUserVerified(userId: userId) + + // `MatrixSDKCrypto` does not distinguish local and cross-signed + // verification status for users + return .init( + crossSigningVerified: isVerified, + locallyVerified: isVerified + ) } func deviceTrustLevel(userId: String, deviceId: String) -> MXDeviceTrustLevel? { 
@@ -42,34 +49,32 @@ struct MXTrustLevelSource { } func trustLevelSummary(userIds: [String]) -> MXUsersTrustLevelSummary { - .init( - usersTrust: usersTrust(userIds: userIds), - devicesTrust: devicesTrust(userIds: userIds) + return .init( + trustedUsersProgress: trustedUsers(userIds: userIds), + andTrustedDevicesProgress: trustedDevices(userIds: userIds) ) } - private func usersTrust(userIds: [String]) -> MXTrustSummary { + private func trustedUsers(userIds: [String]) -> Progress { let verifiedUsers = userIds.filter { userIdentitySource.isUserVerified(userId: $0) } - return .init( - trustedCount: verifiedUsers.count, - totalCount: userIds.count - ) + let progress = Progress(totalUnitCount: Int64(userIds.count)) + progress.completedUnitCount = Int64(verifiedUsers.count) + return progress } - private func devicesTrust(userIds: [String]) -> MXTrustSummary { + private func trustedDevices(userIds: [String]) -> Progress { let devices = userIds.flatMap { devicesSource.devices(userId: $0) } let trustedDevices = devices.filter { $0.crossSigningTrusted || $0.locallyTrusted } - - return .init( - trustedCount: trustedDevices.count, - totalCount: devices.count - ) + + let progress = Progress(totalUnitCount: Int64(devices.count)) + progress.completedUnitCount = Int64(trustedDevices.count) + return progress } } diff --git a/MatrixSDK/Crypto/Trust/MXTrustSummary.swift b/MatrixSDK/Crypto/Trust/MXTrustSummary.swift deleted file mode 100644 index 9ca6cffe65..0000000000 --- a/MatrixSDK/Crypto/Trust/MXTrustSummary.swift +++ /dev/null 
@@ -1,37 +0,0 @@ -// -// Copyright 2023 The Matrix.org Foundation C.I.C -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// - -import Foundation - -/// Convenience object summarizing trusted vs total number of entitites -/// such as users or devices -@objcMembers public class MXTrustSummary: NSObject { - public var trustedCount: Int - public var totalCount: Int - - public var areAllTrusted: Bool { - return trustedCount == totalCount - } - - public init(trustedCount: Int, totalCount: Int) { - if trustedCount > totalCount { - MXLog.error("[MXTrustSummary] trusted count is higher than total count") - } - - self.trustedCount = trustedCount - self.totalCount = max(totalCount, trustedCount) - } -} diff --git a/MatrixSDK/Crypto/Trust/MXUserTrustLevel.h b/MatrixSDK/Crypto/Trust/MXUserTrustLevel.h new file mode 100644 index 0000000000..b6a1537783 --- /dev/null +++ b/MatrixSDK/Crypto/Trust/MXUserTrustLevel.h 
@@ -0,0 +1,49 @@ +/* + Copyright 2020 The Matrix.org Foundation C.I.C + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import + +NS_ASSUME_NONNULL_BEGIN + +@interface MXUserTrustLevel : NSObject + +/** + YES if this user is verified via any means. + */ +@property (nonatomic, readonly) BOOL isVerified; + +/** + YES if this user is verified via cross signing. + */ +@property (nonatomic, readonly) BOOL isCrossSigningVerified; + +/** + YES if this user is verified locally. + */ +@property (nonatomic, readonly) BOOL isLocallyVerified; + +@end + + +#pragma mark - Factory + +@interface MXUserTrustLevel() + ++ (MXUserTrustLevel*)trustLevelWithCrossSigningVerified:(BOOL)crossSigningVerified locallyVerified:(BOOL)locallyVerified; + +@end + +NS_ASSUME_NONNULL_END diff --git a/MatrixSDK/Crypto/Trust/MXUserTrustLevel.m b/MatrixSDK/Crypto/Trust/MXUserTrustLevel.m new file mode 100644 index 0000000000..b171064c48 --- /dev/null +++ b/MatrixSDK/Crypto/Trust/MXUserTrustLevel.m 
@@ -0,0 +1,91 @@ +/* + Copyright 2020 The Matrix.org Foundation C.I.C + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import "MXUserTrustLevel.h" + +@implementation MXUserTrustLevel + +- (instancetype)init +{ + self = [super init]; + if (self) + { + _isCrossSigningVerified = NO; + _isLocallyVerified = NO; + } + return self; +} + ++ (MXUserTrustLevel *)trustLevelWithCrossSigningVerified:(BOOL)crossSigningVerified locallyVerified:(BOOL)locallyVerified +{ + MXUserTrustLevel *trustLevel = [MXUserTrustLevel new]; + trustLevel->_isCrossSigningVerified = crossSigningVerified; + trustLevel->_isLocallyVerified = locallyVerified; + + return trustLevel; +} + + +- (BOOL)isVerified +{ + return _isCrossSigningVerified || _isLocallyVerified; +} + + +- (BOOL)isEqual:(id)object +{ + if (self == object) + { + return YES; + } + + BOOL isEqual = NO; + + if ([object isKindOfClass:MXUserTrustLevel.class]) + { + MXUserTrustLevel *other = object; + isEqual = other.isCrossSigningVerified == self.isCrossSigningVerified; + isEqual &= other.isLocallyVerified == self.isLocallyVerified; + } + + return isEqual; +} + +- (NSString *)description +{ + return [NSString stringWithFormat:@"MXUserTrustLevel: local: %@ - cross-signing: %@", @(_isLocallyVerified), @(_isCrossSigningVerified)]; +} + +#pragma mark - NSCoding + +- (id)initWithCoder:(NSCoder *)aDecoder +{ + self = [super init]; + if (self) + { + _isCrossSigningVerified = [aDecoder decodeBoolForKey:@"isCrossSigningVerified"]; + _isLocallyVerified = 
[aDecoder decodeBoolForKey:@"isLocallyVerified"]; + } + return self; +} + +- (void)encodeWithCoder:(NSCoder *)aCoder +{ + [aCoder encodeBool:_isCrossSigningVerified forKey:@"isCrossSigningVerified"]; + [aCoder encodeBool:_isLocallyVerified forKey:@"isLocallyVerified"]; +} + +@end diff --git a/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.h b/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.h index 710fe4b36f..cd0b3b8506 100644 --- a/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.h +++ b/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.h @@ -16,7 +16,7 @@ #import -@class MXTrustSummary, MXUsersTrustLevelSummaryMO; +@class MXUsersTrustLevelSummaryMO; NS_ASSUME_NONNULL_BEGIN @@ -25,18 +25,13 @@ NS_ASSUME_NONNULL_BEGIN */ @interface MXUsersTrustLevelSummary : NSObject -/** - The summary of trusted users - */ -@property (nonatomic, strong, readonly) MXTrustSummary *usersTrust; +// The ratio of trusted users +@property (nonatomic, strong, readonly) NSProgress *trustedUsersProgress; -/** - The summary of trusted devices for trusted users - */ -@property (nonatomic, strong, readonly) MXTrustSummary *devicesTrust; +// The ratio of trusted devices for trusted users +@property (nonatomic, strong, readonly) NSProgress *trustedDevicesProgress; -- (instancetype)initWithUsersTrust:(MXTrustSummary *)usersTrust - devicesTrust:(MXTrustSummary *)devicesTrust; +- (instancetype)initWithTrustedUsersProgress:(NSProgress*)trustedUsersProgress andTrustedDevicesProgress:(NSProgress*)trustedDevicesProgress; #pragma mark - CoreData Model diff --git a/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.m b/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.m index 65baeca27b..f16810dd6c 100644 --- a/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.m +++ b/MatrixSDK/Crypto/Trust/MXUsersTrustLevelSummary.m 
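Review bot: `MXUserTrustLevel` overrides `isEqual:` in the new MXUserTrustLevel.m but not `hash`, so two instances that compare equal can hash differently and misbehave in an `NSSet` or as dictionary keys. Add a matching `- (NSUInteger)hash { return (_isCrossSigningVerified ? 1 : 0) | (_isLocallyVerified ? 2 : 0); }` next to `isEqual:`. As a smaller point, the `init` override only assigns NO to ivars that `alloc` has already zeroed and could be dropped.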
@@ -19,21 +19,20 @@ @interface MXUsersTrustLevelSummary() -@property (nonatomic, strong, readwrite) MXTrustSummary *usersTrust; -@property (nonatomic, strong, readwrite) MXTrustSummary *devicesTrust; +@property (nonatomic, strong, readwrite) NSProgress *trustedUsersProgress; +@property (nonatomic, strong, readwrite) NSProgress *trustedDevicesProgress; @end @implementation MXUsersTrustLevelSummary -- (instancetype)initWithUsersTrust:(MXTrustSummary *)usersTrust - devicesTrust:(MXTrustSummary *)devicesTrust +- (instancetype)initWithTrustedUsersProgress:(NSProgress*)trustedUsersProgress andTrustedDevicesProgress:(NSProgress*)trustedDevicesProgress { self = [super init]; if (self) { - self.usersTrust = usersTrust; - self.devicesTrust = devicesTrust; + self.trustedUsersProgress = trustedUsersProgress; + self.trustedDevicesProgress = trustedDevicesProgress; } return self; } @@ -44,11 +43,11 @@ - (instancetype)initWithManagedObject:(MXUsersTrustLevelSummaryMO *)model { if (self = [super init]) { - self.usersTrust = [[MXTrustSummary alloc] initWithTrustedCount:model.s_trustedUsersCount - totalCount:model.s_usersCount]; + self.trustedUsersProgress = [NSProgress progressWithTotalUnitCount:model.s_usersCount]; + self.trustedUsersProgress.completedUnitCount = model.s_trustedUsersCount; - self.devicesTrust = [[MXTrustSummary alloc] initWithTrustedCount:model.s_trustedDevicesCount - totalCount:model.s_devicesCount]; + self.trustedDevicesProgress = [NSProgress progressWithTotalUnitCount:model.s_devicesCount]; + self.trustedDevicesProgress.completedUnitCount = model.s_trustedDevicesCount; } return self; } 
@@ -62,21 +61,24 @@ - (id)initWithCoder:(NSCoder *)aDecoder { NSUInteger usersCount = [aDecoder decodeIntegerForKey:@"usersCount"]; NSUInteger trustedUsersCount = [aDecoder decodeIntegerForKey:@"trustedUsersCount"]; - self.usersTrust = [[MXTrustSummary alloc] initWithTrustedCount:trustedUsersCount totalCount:usersCount]; - NSUInteger devicesCount = [aDecoder decodeIntegerForKey:@"devicesCount"]; NSUInteger trustedDevicesCount = [aDecoder decodeIntegerForKey:@"trustedDevicesCount"]; - self.devicesTrust = [[MXTrustSummary alloc] initWithTrustedCount:trustedDevicesCount totalCount:devicesCount]; + + self.trustedUsersProgress = [NSProgress progressWithTotalUnitCount:usersCount]; + self.trustedUsersProgress.completedUnitCount = trustedUsersCount; + + self.trustedDevicesProgress = [NSProgress progressWithTotalUnitCount:devicesCount]; + self.trustedDevicesProgress.completedUnitCount = trustedDevicesCount; } return self; } - (void)encodeWithCoder:(NSCoder *)aCoder { - [aCoder encodeInteger:self.usersTrust.totalCount forKey:@"usersCount"]; - [aCoder encodeInteger:self.usersTrust.trustedCount forKey:@"trustedUsersCount"]; - [aCoder encodeInteger:self.devicesTrust.totalCount forKey:@"devicesCount"]; - [aCoder encodeInteger:self.devicesTrust.trustedCount forKey:@"trustedDevicesCount"]; + [aCoder encodeInteger:self.trustedUsersProgress.totalUnitCount forKey:@"usersCount"]; + [aCoder encodeInteger:self.trustedUsersProgress.completedUnitCount forKey:@"trustedUsersCount"]; + [aCoder encodeInteger:self.trustedDevicesProgress.totalUnitCount forKey:@"devicesCount"]; + [aCoder encodeInteger:self.trustedDevicesProgress.completedUnitCount forKey:@"trustedDevicesCount"]; } diff --git a/MatrixSDK/Crypto/Verification/MXKeyVerificationManager.m b/MatrixSDK/Crypto/Verification/MXKeyVerificationManager.m index 785f61ff17..1596bb9a31 100644 --- a/MatrixSDK/Crypto/Verification/MXKeyVerificationManager.m +++ b/MatrixSDK/Crypto/Verification/MXKeyVerificationManager.m 
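Review bot: The `NSProgress` objects rebuilt in `initWithCoder:` (MXUsersTrustLevelSummary.m, hunk -62,21 +61,24) and in `initWithManagedObject:` in the previous hunk take the trusted and total counts from persisted data without checking that trusted does not exceed total. The removed `MXTrustSummary` initialiser logged and corrected that case; `NSProgress` accepts it as given. A consumer that derives "all trusted" from the ratio could then be misled by a corrupted record, though how consumers read these values is not visible here. Clamping before construction keeps the invariant, e.g. `trustedUsersCount = MIN(trustedUsersCount, usersCount);` and the same for the device counts.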
@@ -1963,10 +1963,11 @@ - (MXQRCodeData*)createQRCodeDataWithTransactionId:(NSString*)transactionId othe MXQRCodeData *qrCodeData; NSString *currentUserId = self.crypto.mxSession.myUserId; + MXUserTrustLevel *currentUserTrustLevel = [self.crypto trustLevelForUser:currentUserId]; if ([otherUserId isEqualToString:currentUserId]) { - if ([self.crypto isUserVerified:currentUserId]) + if (currentUserTrustLevel.isCrossSigningVerified) { // This is a self verification and I am the old device (Osborne2) qrCodeData = [self createSelfVerifyingMasterKeyTrustedQRCodeDataWithTransactionId:transactionId otherDeviceId:otherDeviceId]; diff --git a/MatrixSDK/Crypto/Verification/Transactions/QRCode/MXQRCodeTransaction.m b/MatrixSDK/Crypto/Verification/Transactions/QRCode/MXQRCodeTransaction.m index eccf76239f..cf05f1c8f6 100644 --- a/MatrixSDK/Crypto/Verification/Transactions/QRCode/MXQRCodeTransaction.m +++ b/MatrixSDK/Crypto/Verification/Transactions/QRCode/MXQRCodeTransaction.m @@ -326,7 +326,7 @@ - (void)trustOtherUserWithId:(NSString*)otherUserId andDeviceId:(NSString*)other [self.manager.crypto setDeviceVerification:MXDeviceVerified forDevice:otherDeviceId ofUser:otherUserId success:^{ // Mark user as verified - [self.manager.crypto setUserVerificationForUserId:otherUserId success:^{ + [self.manager.crypto setUserVerification:YES forUser:otherUserId success:^{ [self sendVerified]; } failure:^(NSError *error) { diff --git a/MatrixSDK/Crypto/Verification/Transactions/SAS/MXSASTransaction.m b/MatrixSDK/Crypto/Verification/Transactions/SAS/MXSASTransaction.m index 78c3be9319..4388bc3037 100644 --- a/MatrixSDK/Crypto/Verification/Transactions/SAS/MXSASTransaction.m +++ b/MatrixSDK/Crypto/Verification/Transactions/SAS/MXSASTransaction.m 
@@ -421,7 +421,7 @@ - (void)verifyMacs // Mark user as verified MXLogDebug(@"[MXKeyVerification][MXSASTransaction] verifyMacs: Mark user %@ as verified", self.otherDevice.userId); dispatch_group_enter(group); - [self.manager.crypto setUserVerificationForUserId:self.otherDevice.userId success:^{ + [self.manager.crypto setUserVerification:YES forUser:self.otherDevice.userId success:^{ dispatch_group_leave(group); } failure:^(NSError *error) { diff --git a/MatrixSDK/Data/RoomSummaryStore/CoreData/Models/MXUsersTrustLevelSummaryMO.swift b/MatrixSDK/Data/RoomSummaryStore/CoreData/Models/MXUsersTrustLevelSummaryMO.swift index bfed9ee448..e212b22d62 100644 --- a/MatrixSDK/Data/RoomSummaryStore/CoreData/Models/MXUsersTrustLevelSummaryMO.swift +++ b/MatrixSDK/Data/RoomSummaryStore/CoreData/Models/MXUsersTrustLevelSummaryMO.swift @@ -40,10 +40,10 @@ public class MXUsersTrustLevelSummaryMO: NSManagedObject { } internal func update(withUsersTrustLevelSummary usersTrustLevelSummary: MXUsersTrustLevelSummary) { - s_usersCount = Int32(usersTrustLevelSummary.usersTrust.totalCount) - s_trustedUsersCount = Int32(usersTrustLevelSummary.usersTrust.trustedCount) - s_devicesCount = Int32(usersTrustLevelSummary.devicesTrust.totalCount) - s_trustedDevicesCount = Int32(usersTrustLevelSummary.devicesTrust.trustedCount) + s_usersCount = Int32(usersTrustLevelSummary.trustedUsersProgress.totalUnitCount) + s_trustedUsersCount = Int32(usersTrustLevelSummary.trustedUsersProgress.completedUnitCount) + s_devicesCount = Int32(usersTrustLevelSummary.trustedDevicesProgress.totalUnitCount) + s_trustedDevicesCount = Int32(usersTrustLevelSummary.trustedDevicesProgress.completedUnitCount) } } diff --git a/MatrixSDK/MatrixSDK.h b/MatrixSDK/MatrixSDK.h index 71f342706f..799b21c13b 100644 --- a/MatrixSDK/MatrixSDK.h +++ b/MatrixSDK/MatrixSDK.h 
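Review bot: In `update(withUsersTrustLevelSummary:)` (MXUsersTrustLevelSummaryMO.swift) each `Int32(...)` conversion traps at runtime if the value does not fit. `totalUnitCount` and `completedUnitCount` are 64-bit values that `MXUsersTrustLevelSummary` restores from an archive without a range check, as the `initWithCoder:` hunk of this patch shows. A corrupted or unexpected persisted summary would therefore crash the store update instead of being rejected. Use the clamping initialiser on all four assignments, e.g. `s_usersCount = Int32(clamping: usersTrustLevelSummary.trustedUsersProgress.totalUnitCount)`, or validate the counts before writing them.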
@@ -177,7 +177,6 @@ FOUNDATION_EXPORT NSString *MatrixSDKVersion; #import "MXCryptoTools.h" #import "MXRecoveryKey.h" #import "MXSecretShareSend.h" -#import "MXUsersTrustLevelSummary.h" // Sync response models #import "MXSyncResponse.h" diff --git a/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift b/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift index a91f5411b6..9de46d0e37 100644 --- a/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift +++ b/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift @@ -51,7 +51,10 @@ class MXCrossSigningInfoUnitTests: XCTestCase { XCTAssertKeysEqual(info.masterKeys, masterKeys) XCTAssertKeysEqual(info.selfSignedKeys, selfSigningKeys) XCTAssertKeysEqual(info.userSignedKeys, userSigningKeys) - XCTAssertFalse(info.isVerified) + XCTAssertEqual( + info.trustLevel, + MXUserTrustLevel(crossSigningVerified: false, locallyVerified: false) + ) } func test_canCreateInfo_withOtherUserIdentity() { 
@@ -74,82 +77,10 @@ class MXCrossSigningInfoUnitTests: XCTestCase { XCTAssertKeysEqual(info.masterKeys, masterKeys) XCTAssertKeysEqual(info.selfSignedKeys, selfSigningKeys) XCTAssertNil(info.userSignedKeys) - XCTAssertTrue(info.isVerified) - } - - func test_canDecodeDeprecatedModel() throws { - // In this test we ensure that we can decode a list of `MXCrossSigningInfo` which were created - // using a previous version of the model (and saved into a file). This model contained separate - // fields for local vs cross-signing verification, whereas the new model flattens these into - // a single `isVerified` boolean. - - // Load up previously saved data using version 0 of the model - let bundle = Bundle(for: MXCrossSigningInfoUnitTests.self) - guard let url = bundle.url(forResource: "MXCrossSigningInfo_v0", withExtension: nil) else { - XCTFail("Missing migration data") - return - } - let data = try Data(contentsOf: url) - - // Unarchive using current model - guard let unarchived = NSKeyedUnarchiver.unarchiveObject(with: data) as? 
[MXCrossSigningInfo] else { - XCTFail("Failed to unarchive data") - return - } - - // This data should contain 4 cross signing info objects - XCTAssertEqual(unarchived.count, 4) - - // Alice had both crossSigningVerified and locallyVerified set to false => is not verified - XCTAssertEqual(unarchived[0].userId, "Alice") - XCTAssertFalse(unarchived[0].isVerified) - - // Bob had crossSigningVerified set to true and locallyVerified set to false => is verified - XCTAssertEqual(unarchived[1].userId, "Bob") - XCTAssertTrue(unarchived[1].isVerified) - - // Carol had crossSigningVerified set to false and locallyVerified set to true => is not verified - XCTAssertEqual(unarchived[2].userId, "Carol") - XCTAssertFalse(unarchived[2].isVerified) - - // Alice had both crossSigningVerified and locallyVerified set to true => is verified - XCTAssertEqual(unarchived[3].userId, "Dave") - XCTAssertTrue(unarchived[3].isVerified) - } - - func test_canEncodeDeprecatedModel() throws { - // In this test we ensure that once unarchived a deprecated model, we can archive it using the current - // schema, ie storing the `isVerified` property directly, which is asserted by unarchiving once again. - - // Load up previously saved data using version 0 of the model - let bundle = Bundle(for: MXCrossSigningInfoUnitTests.self) - guard let url = bundle.url(forResource: "MXCrossSigningInfo_v0", withExtension: nil) else { - XCTFail("Missing migration data") - return - } - - // Unarchive from deprecated to current, re-archive via current model, and then once again unarchive - let data = try Data(contentsOf: url) - guard let unarchived1 = NSKeyedUnarchiver.unarchiveObject(with: data) as? [MXCrossSigningInfo] else { - XCTFail("Failed to unarchive data") - return - } - let archived = NSKeyedArchiver.archivedData(withRootObject: unarchived1) - guard let unarchived2 = NSKeyedUnarchiver.unarchiveObject(with: archived) as? 
[MXCrossSigningInfo] else { - XCTFail("Failed to unarchive data") - return - } - - // We expect all of the values to match the original data - XCTAssertEqual(unarchived2.count, 4) - XCTAssertEqual(unarchived2[0].userId, "Alice") - XCTAssertFalse(unarchived2[0].isVerified) - XCTAssertEqual(unarchived2[1].userId, "Bob") - XCTAssertTrue(unarchived2[1].isVerified) - XCTAssertEqual(unarchived2[2].userId, "Carol") - XCTAssertFalse(unarchived2[2].isVerified) - XCTAssertEqual(unarchived2[3].userId, "Dave") - XCTAssertTrue(unarchived2[3].isVerified) + XCTAssertEqual( + info.trustLevel, + MXUserTrustLevel(crossSigningVerified: true, locallyVerified: true) + ) } private func XCTAssertKeysEqual(_ key1: MXCrossSigningKey?, _ key2: MXCrossSigningKey?, file: StaticString = #file, line: UInt = #line) { diff --git a/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v0 b/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v0 deleted file mode 100644 index d9aeae663be7ee6b79d83a03981a05b3477089c8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 681 zcmZutOKTHR6h0?y+L=C*Nz|(K9j4k=t)(hKd=XpJU@}!EiDMRqNpc%Ur!!^lB#?!8 z#TQaUe69p-RCFUQd{l8&MAVI7t*9Hpjo=Rubt4XwQC#$HzI(s(-E+S07H#N5?Vue^#GmQhHY84J?&MPI_=9nUy`NO1O(=g!a8#y5;$$LnZ6l0#~Eyt%U z)3h1h7ecLV^Oh_XSFhW!anrW#gS+F&v}lxdeY!mmoST*8KCe|qEa)nww}eo54)d{Q z*23DEFcavQzhGhKqQ$8rq)IboO00M>Yg=V%CrE|ptcd|@V2$aRt`*3;z_R5lB9WZX zq0vFhq*T^QhGvv9#L`AIQp^b3s_WIi9P@MBbl1vN-PyVULmeeb{Yq#~5RyvT z8JhYxvDVW&3#&--u)7kc)ta?AA)HkHHxM^Q%vzuGaTeZ-II!N$!ZBXnVdmW=(FpVN zoLAqn)vdR(w)CKCnR-2I)UnTdik-V$MSulULu#eIjHn~vdB>DAykC-ImZer}QZH~2 zf=&>j2L>PtaY(>Ekf8*lV8Ky131?v(&cS)O0GHqzOu$`u0FPi2p29Pjf>-bbzQYgr z3BTYs@)*W0?8ePFgmFBGDpv3q9>)`S3eVs;Uc}3I1+U_DoWPrS8}Hyfe29;65})7{ hKF1gM5?|vRe2*XSBYwiq_!Zpa!#cuV4?Vzde*nb($8G=s diff --git a/MatrixSDKTests/Crypto/CrossSigning/MXCrossSigningInfoSourceUnitTests.swift b/MatrixSDKTests/Crypto/CrossSigning/MXCrossSigningInfoSourceUnitTests.swift index fdf9503adf..4ed6168f50 100644 
--- a/MatrixSDKTests/Crypto/CrossSigning/MXCrossSigningInfoSourceUnitTests.swift +++ b/MatrixSDKTests/Crypto/CrossSigning/MXCrossSigningInfoSourceUnitTests.swift @@ -50,6 +50,6 @@ class MXCrossSigningInfoSourceUnitTests: XCTestCase { let info = source.crossSigningInfo(userId: "Alice") XCTAssertEqual(info?.userId, "Alice") - XCTAssertEqual(info?.isVerified, true) + XCTAssertEqual(info?.trustLevel.isVerified, true) } } diff --git a/MatrixSDKTests/Crypto/Trust/MXTrustLevelSourceUnitTests.swift b/MatrixSDKTests/Crypto/Trust/MXTrustLevelSourceUnitTests.swift index 2053a4962f..dc53091a9f 100644 --- a/MatrixSDKTests/Crypto/Trust/MXTrustLevelSourceUnitTests.swift +++ b/MatrixSDKTests/Crypto/Trust/MXTrustLevelSourceUnitTests.swift @@ -30,14 +30,14 @@ class MXTrustLevelSourceUnitTests: XCTestCase { source = MXTrustLevelSource(userIdentitySource: userIdentitySource, devicesSource: devicesSource) } - func test_isUserVerified() { + func test_userTrustLevel() { userIdentitySource.verification = [ - "Alice": true, - "Bob": false, + "Alice": true ] - XCTAssertTrue(source.isUserVerified(userId: "Alice")) - XCTAssertFalse(source.isUserVerified(userId: "Bob")) + let trustLevel = source.userTrustLevel(userId: "Alice") + + XCTAssertEqual(trustLevel, MXUserTrustLevel(crossSigningVerified: true, locallyVerified: true)) } func test_deviceTrustLevel() { @@ -69,10 +69,10 @@ class MXTrustLevelSourceUnitTests: XCTestCase { let summary = source.trustLevelSummary(userIds: ["Alice", "Bob"]) - XCTAssertEqual(summary.usersTrust.totalCount, 2) - XCTAssertEqual(summary.usersTrust.trustedCount, 1) + XCTAssertEqual(summary.trustedUsersProgress.totalUnitCount, 2) + XCTAssertEqual(summary.trustedUsersProgress.completedUnitCount, 1) - XCTAssertEqual(summary.devicesTrust.totalCount, 3) - XCTAssertEqual(summary.devicesTrust.trustedCount, 2) + XCTAssertEqual(summary.trustedDevicesProgress.totalUnitCount, 3) + XCTAssertEqual(summary.trustedDevicesProgress.completedUnitCount, 2) } } 
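Review bot: `test_userTrustLevel` in MXTrustLevelSourceUnitTests.swift now exercises only the verified user. The `"Bob": false` entry and its negative assertion are gone, so a source that reported every user as verified would still pass. For a trust decision the negative path is the one most worth pinning. Keep `"Bob": false` in `userIdentitySource.verification` and add an assertion on `source.userTrustLevel(userId: "Bob")`; the expected value is not visible on this page, presumably `MXUserTrustLevel(crossSigningVerified: false, locallyVerified: false)`.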
diff --git a/MatrixSDKTests/Crypto/Trust/MXTrustSummaryUnitTests.swift b/MatrixSDKTests/Crypto/Trust/MXTrustSummaryUnitTests.swift
deleted file mode 100644
index 2f993b78a1..0000000000
--- a/MatrixSDKTests/Crypto/Trust/MXTrustSummaryUnitTests.swift
+++ /dev/null
@@ -1,56 +0,0 @@ -// -// Copyright 2023 The Matrix.org Foundation C.I.C -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// - -import Foundation -import XCTest -@testable import MatrixSDK - -class MXTrustSummaryUnitTests: XCTestCase { - func test_init_empty() { - let summary1 = MXTrustSummary(trustedCount: 0, totalCount: 0) - XCTAssertEqual(summary1.trustedCount, 0) - XCTAssertEqual(summary1.totalCount, 0) - - let summary2 = MXTrustSummary(trustedCount: 5, totalCount: 10) - XCTAssertEqual(summary2.trustedCount, 5) - XCTAssertEqual(summary2.totalCount, 10) - } - - func test_init_totalNeverLowerThanTrusted() { - let summary1 = MXTrustSummary(trustedCount: 1, totalCount: 0) - XCTAssertEqual(summary1.trustedCount, 1) - XCTAssertEqual(summary1.totalCount, 1) - - let summary2 = MXTrustSummary(trustedCount: 20, totalCount: 10) - XCTAssertEqual(summary2.trustedCount, 20) - XCTAssertEqual(summary2.totalCount, 20) - } - - func test_areAllTrusted() { - let summaryToTrusted: [(MXTrustSummary, Bool)] = [ - (.init(trustedCount: 0, totalCount: 0), true), - (.init(trustedCount: 0, totalCount: 1), false), - (.init(trustedCount: 1, totalCount: 1), true), - (.init(trustedCount: 5, totalCount: 10), false), - (.init(trustedCount: 9, totalCount: 10), false), - (.init(trustedCount: 10, totalCount: 10), true), - ] - - for (summary, trusted) in summaryToTrusted { - XCTAssertEqual(summary.areAllTrusted, trusted) - } - } -} 
diff --git a/MatrixSDKTests/MXCrossSigningTests.m b/MatrixSDKTests/MXCrossSigningTests.m index e3d989b5b4..79c4ac3f71 100644 --- a/MatrixSDKTests/MXCrossSigningTests.m +++ b/MatrixSDKTests/MXCrossSigningTests.m @@ -364,7 +364,9 @@ - (void)testBootstrapWithPassword // -> Alice must see their cross-signing info trusted MXCrossSigningInfo *aliceCrossSigningInfo = [aliceSession.crypto.crossSigning crossSigningKeysForUser:aliceSession.myUserId]; XCTAssertNotNil(aliceCrossSigningInfo); - XCTAssertTrue(aliceCrossSigningInfo.isVerified); + XCTAssertTrue(aliceCrossSigningInfo.trustLevel.isVerified); + XCTAssertTrue(aliceCrossSigningInfo.trustLevel.isLocallyVerified); + XCTAssertTrue(aliceCrossSigningInfo.trustLevel.isCrossSigningVerified); [expectation fulfill]; @@ -641,17 +643,17 @@ - (void)testMXCrossSigningInfoStorage XCTAssertNotNil(storedKeys); XCTAssertEqualObjects(storedKeys.userId, keys.userId); - XCTAssertFalse(storedKeys.isVerified); + XCTAssertFalse(storedKeys.trustLevel.isVerified); XCTAssertEqual(storedKeys.keys.count, keys.keys.count); XCTAssertEqualObjects(storedKeys.masterKeys.JSONDictionary, keys.masterKeys.JSONDictionary); XCTAssertEqualObjects(storedKeys.selfSignedKeys.JSONDictionary, keys.selfSignedKeys.JSONDictionary); XCTAssertEqualObjects(storedKeys.userSignedKeys.JSONDictionary, keys.userSignedKeys.JSONDictionary); // - Update keys test - [keys setIsVerified:YES]; + [keys updateTrustLevel:[MXUserTrustLevel trustLevelWithCrossSigningVerified:YES locallyVerified:NO]]; [aliceSession.legacyCrypto.store storeCrossSigningKeys:keys]; storedKeys = [aliceSession.legacyCrypto.store crossSigningKeysForUser:aliceUserId]; - XCTAssertTrue(storedKeys.isVerified); + XCTAssertTrue(storedKeys.trustLevel.isVerified); [expectation fulfill]; }]; 
@@ -791,12 +793,14 @@ - (void)testSignUser2 [bobSession.crypto.crossSigning signUserWithUserId:alice0Creds.userId success:^{ // -> Check bob trust alice as a user - BOOL isAliceVerified = [bobSession.crypto isUserVerified:alice0Creds.userId]; - XCTAssertTrue(isAliceVerified); + MXUserTrustLevel *aliceTrust = [bobSession.crypto trustLevelForUser:alice0Creds.userId]; + XCTAssertNotNil(aliceTrust); + XCTAssertTrue(aliceTrust.isCrossSigningVerified); // -> Check bob trust bob as a user - BOOL isBobVerified = [bobSession.crypto isUserVerified:bobSession.myUser.userId]; - XCTAssertTrue(isBobVerified); + MXUserTrustLevel *bobTrust = [bobSession.crypto trustLevelForUser:bobSession.myUser.userId]; + XCTAssertNotNil(bobTrust); + XCTAssertTrue(bobTrust.isCrossSigningVerified); // -> Check bob trusts now alice devices MXDeviceTrustLevel *aliceDevice0Trust = [bobSession.crypto deviceTrustLevelForDevice:alice0Creds.deviceId ofUser:alice0Creds.userId]; 
@@ -937,25 +941,25 @@ - (void)testTrustsBetweenBobAndAliceWithTwoDevices // -> Bob should see all devices in the party as trusted thanks to cross-signing XCTAssertEqual(bobSession.crypto.crossSigning.state, MXCrossSigningStateCanCrossSign); - XCTAssertTrue([bobSession.crypto isUserVerified:bobUserId]); + XCTAssertTrue([bobSession.crypto trustLevelForUser:bobUserId].isCrossSigningVerified); XCTAssertTrue([bobSession.crypto deviceTrustLevelForDevice:bobDeviceId ofUser:bobUserId].isCrossSigningVerified); - XCTAssertTrue([bobSession.crypto isUserVerified:aliceUserId]); + XCTAssertTrue([bobSession.crypto trustLevelForUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([bobSession.crypto deviceTrustLevelForDevice:aliceSession1DeviceId ofUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([bobSession.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); // -> Alice1 should see all devices in the party as trusted thanks to cross-signing XCTAssertEqual(aliceSession1.crypto.crossSigning.state, MXCrossSigningStateCanCrossSign); - XCTAssertTrue([aliceSession1.crypto isUserVerified:aliceUserId]); + XCTAssertTrue([aliceSession1.crypto trustLevelForUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession1.crypto deviceTrustLevelForDevice:aliceSession1DeviceId ofUser:aliceUserId].isCrossSigningVerified); - XCTAssertTrue([aliceSession1.crypto isUserVerified:bobUserId]); + XCTAssertTrue([aliceSession1.crypto trustLevelForUser:bobUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession1.crypto deviceTrustLevelForDevice:bobDeviceId ofUser:bobUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession1.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); // -> Alice2 should see all devices in the party as trusted thanks to cross-signing XCTAssertEqual(aliceSession2.crypto.crossSigning.state, MXCrossSigningStateCanCrossSign); - XCTAssertTrue([aliceSession2.crypto 
isUserVerified:aliceUserId]); + XCTAssertTrue([aliceSession2.crypto trustLevelForUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession2.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); - XCTAssertTrue([aliceSession2.crypto isUserVerified:bobUserId]); + XCTAssertTrue([aliceSession2.crypto trustLevelForUser:bobUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession2.crypto deviceTrustLevelForDevice:bobDeviceId ofUser:bobUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession2.crypto deviceTrustLevelForDevice:aliceSession1DeviceId ofUser:aliceUserId].isCrossSigningVerified); 
@@ -994,14 +998,14 @@ - (void)xtestTrustChain // This simulates a self verification and trigger cross-signing behind the shell [aliceSession2.crypto setDeviceVerification:MXDeviceVerified forDevice:aliceSession3DeviceId ofUser:aliceUserId success:^{ [aliceSession3.crypto setDeviceVerification:MXDeviceVerified forDevice:aliceSession2DeviceId ofUser:aliceUserId success:^{ - [aliceSession3.crypto setUserVerificationForUserId:aliceUserId success:^{ + [aliceSession3.crypto setUserVerification:YES forUser:aliceUserId success:^{ // Wait a bit to make background requests for cross-signing happen dispatch_after(dispatch_time(DISPATCH_TIME_NOW, 5 * NSEC_PER_SEC), dispatch_get_main_queue(), ^{ // -> Alice3 should see all devices in the party as trusted thanks to cross-signing XCTAssertEqual(aliceSession3.crypto.crossSigning.state, MXCrossSigningStateCanCrossSign); - XCTAssertTrue([aliceSession3.crypto isUserVerified:aliceUserId]); + XCTAssertTrue([aliceSession3.crypto trustLevelForUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession3.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession3.crypto deviceTrustLevelForDevice:aliceSession1DeviceId ofUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession3.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); @@ -1015,7 +1019,7 @@ - (void)xtestTrustChain // -> Alice3 should see Bob as trusted thanks to cross-signing [aliceSession3.crypto downloadKeys:@[bobUserId] forceDownload:NO success:^(MXUsersDevicesMap *usersDevicesInfoMap, NSDictionary *crossSigningKeysMap) { - XCTAssertTrue([aliceSession3.crypto isUserVerified:bobUserId]); + XCTAssertTrue([aliceSession3.crypto trustLevelForUser:bobUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession3.crypto deviceTrustLevelForDevice:bobDeviceId ofUser:bobUserId].isCrossSigningVerified); [expectation fulfill]; 
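Review bot: In `xtestTrustChain` the three device assertions that follow the `trustLevelForUser:aliceUserId` check name `aliceSession2DeviceId` twice and never `aliceSession3DeviceId`. The trust of Alice3's own device is therefore not checked, although the comment says all devices in the party should be trusted. This is in the unchanged context lines and looks like a copy-paste slip; the last of the three should probably read `[aliceSession3.crypto deviceTrustLevelForDevice:aliceSession3DeviceId ofUser:aliceUserId].isCrossSigningVerified`. The fixed five-second `dispatch_after` before the assertions is also a timing assumption worth a comment. The test body starts and ends outside the hunk.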
@@ -1067,12 +1071,12 @@ - (void)testCrossSigningRotation // -> Alice1 should not trust anymore Alice2 and Bob XCTAssertEqual(aliceSession1.crypto.crossSigning.state, MXCrossSigningStateCanCrossSign); - XCTAssertFalse([aliceSession1.crypto isUserVerified:bobUserId]); + XCTAssertFalse([aliceSession1.crypto trustLevelForUser:bobUserId].isCrossSigningVerified); XCTAssertFalse([aliceSession1.crypto deviceTrustLevelForDevice:bobDeviceId ofUser:bobUserId].isCrossSigningVerified); XCTAssertFalse([aliceSession1.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); // but it should still trust itself - XCTAssertTrue([aliceSession1.crypto isUserVerified:aliceUserId]); + XCTAssertTrue([aliceSession1.crypto trustLevelForUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession1.crypto deviceTrustLevelForDevice:aliceSession1DeviceId ofUser:aliceUserId].isCrossSigningVerified); 
@@ -1082,23 +1086,23 @@ - (void)testCrossSigningRotation XCTAssertFalse([aliceSession2.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); - XCTAssertFalse([aliceSession2.crypto isUserVerified:bobUserId]); + XCTAssertFalse([aliceSession2.crypto trustLevelForUser:bobUserId].isCrossSigningVerified); XCTAssertFalse([aliceSession2.crypto deviceTrustLevelForDevice:bobDeviceId ofUser:bobUserId].isCrossSigningVerified); // aliceSession2 trusts the new cross-signing reset by aliceSession1 because it trusts this device locally // This explains expected results in tests below. They may be arguable but this is the reason XCTAssertEqual(aliceSession2.crypto.crossSigning.state, MXCrossSigningStateTrustCrossSigning); - XCTAssertTrue([aliceSession2.crypto isUserVerified:aliceUserId]); + XCTAssertTrue([aliceSession2.crypto trustLevelForUser:aliceUserId].isCrossSigningVerified); XCTAssertTrue([aliceSession2.crypto deviceTrustLevelForDevice:aliceSession1DeviceId ofUser:aliceUserId].isCrossSigningVerified); // -> Bob should not trust anymore Alice1 and Alice2 XCTAssertEqual(bobSession.crypto.crossSigning.state, MXCrossSigningStateCanCrossSign); - XCTAssertFalse([bobSession.crypto isUserVerified:aliceUserId]); + XCTAssertFalse([bobSession.crypto trustLevelForUser:aliceUserId].isCrossSigningVerified); XCTAssertFalse([bobSession.crypto deviceTrustLevelForDevice:aliceSession1DeviceId ofUser:aliceUserId].isCrossSigningVerified); XCTAssertFalse([bobSession.crypto deviceTrustLevelForDevice:aliceSession2DeviceId ofUser:aliceUserId].isCrossSigningVerified); // He should still trust himself - XCTAssertTrue([bobSession.crypto isUserVerified:bobUserId]); + XCTAssertTrue([bobSession.crypto trustLevelForUser:bobUserId].isCrossSigningVerified); XCTAssertTrue([bobSession.crypto deviceTrustLevelForDevice:bobDeviceId ofUser:bobUserId].isCrossSigningVerified); [expectation fulfill]; 
diff --git a/MatrixSDKTests/MXCrossSigningVerificationTests.m b/MatrixSDKTests/MXCrossSigningVerificationTests.m index e4fd3037e8..2d38c3d957 100644 --- a/MatrixSDKTests/MXCrossSigningVerificationTests.m +++ b/MatrixSDKTests/MXCrossSigningVerificationTests.m @@ -277,8 +277,10 @@ - (void)testSelfVerificationWithSAS MXCrossSigningInfo *aliceFromAlice1POV = [aliceSession1.legacyCrypto.store crossSigningKeysForUser:alice.userId]; MXCrossSigningInfo *aliceFromAlice2POV = [aliceSession2.legacyCrypto.store crossSigningKeysForUser:alice.userId]; - XCTAssertTrue(aliceFromAlice1POV.isVerified); - XCTAssertTrue(aliceFromAlice2POV.isVerified); + XCTAssertTrue(aliceFromAlice1POV.trustLevel.isCrossSigningVerified); + XCTAssertTrue(aliceFromAlice1POV.trustLevel.isLocallyVerified); + XCTAssertTrue(aliceFromAlice2POV.trustLevel.isCrossSigningVerified); + XCTAssertTrue(aliceFromAlice2POV.trustLevel.isLocallyVerified); // -> Transaction must not be listed anymore XCTAssertNil([(MXLegacyKeyVerificationManager *)aliceSession1.crypto.keyVerificationManager transactionWithTransactionId:sasTransactionFromAlicePOV.transactionId]); @@ -482,8 +484,10 @@ - (void)xtestVerificationByDMFullFlow MXCrossSigningInfo *bobFromAlicePOV = [aliceSession.legacyCrypto.store crossSigningKeysForUser:bob.userId]; MXCrossSigningInfo *aliceFromBobPOV = [bobSession.legacyCrypto.store crossSigningKeysForUser:alice.userId]; - XCTAssertTrue(bobFromAlicePOV.isVerified); - XCTAssertTrue(aliceFromBobPOV.isVerified); + XCTAssertTrue(bobFromAlicePOV.trustLevel.isCrossSigningVerified); + XCTAssertTrue(bobFromAlicePOV.trustLevel.isLocallyVerified); + XCTAssertTrue(aliceFromBobPOV.trustLevel.isCrossSigningVerified); + XCTAssertTrue(aliceFromBobPOV.trustLevel.isLocallyVerified); // -> Transaction must not be listed anymore XCTAssertNil([(MXLegacyKeyVerificationManager *)aliceSession.crypto.keyVerificationManager transactionWithTransactionId:sasTransactionFromAlicePOV.transactionId]); 
@@ -707,8 +711,10 @@ - (void)xtestVerifyingAnotherUserQRCodeVerificationFullFlow MXCrossSigningInfo *bobFromAlicePOV = [aliceSession.legacyCrypto.store crossSigningKeysForUser:bob.userId]; MXCrossSigningInfo *aliceFromBobPOV = [bobSession.legacyCrypto.store crossSigningKeysForUser:alice.userId]; - XCTAssertTrue(bobFromAlicePOV.isVerified); - XCTAssertTrue(aliceFromBobPOV.isVerified); + XCTAssertTrue(bobFromAlicePOV.trustLevel.isCrossSigningVerified); + XCTAssertTrue(bobFromAlicePOV.trustLevel.isLocallyVerified); + XCTAssertTrue(aliceFromBobPOV.trustLevel.isCrossSigningVerified); + XCTAssertTrue(aliceFromBobPOV.trustLevel.isLocallyVerified); // -> Transaction must not be listed anymore XCTAssertNil([(MXLegacyKeyVerificationManager *)aliceSession.crypto.keyVerificationManager transactionWithTransactionId:qrCodeTransactionFromAlicePOV.transactionId]); diff --git a/MatrixSDKTests/MXRoomSummaryTrustTests.m b/MatrixSDKTests/MXRoomSummaryTrustTests.m index b14272d4b6..1d0f92aceb 100644 --- a/MatrixSDKTests/MXRoomSummaryTrustTests.m +++ b/MatrixSDKTests/MXRoomSummaryTrustTests.m @@ -16,7 +16,6 @@ #import -#import "MatrixSDKTestsSwiftHeader.h" #import "MatrixSDKTestsData.h" #import "MatrixSDKTestsE2EData.h" 
@@ -82,11 +81,13 @@ - (void)testNoCrossSigningNoTrust MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; XCTAssertNotNil(trust); - XCTAssertEqual(trust.usersTrust.totalCount, 2); - XCTAssertEqual(trust.usersTrust.trustedCount, 0); + XCTAssertEqual(trust.trustedUsersProgress.totalUnitCount, 2); + XCTAssertEqual(trust.trustedUsersProgress.completedUnitCount, 0); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 0); - XCTAssertEqual(trust.devicesTrust.totalCount, 0); - XCTAssertEqual(trust.devicesTrust.trustedCount, 0); + XCTAssertEqual(trust.trustedDevicesProgress.totalUnitCount, 0); + XCTAssertEqual(trust.trustedDevicesProgress.completedUnitCount, 0); + XCTAssertEqual(trust.trustedDevicesProgress.fractionCompleted, 0); [expectation fulfill]; }); @@ -109,11 +110,13 @@ - (void)testAllTrusted MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; XCTAssertNotNil(trust); - XCTAssertEqual(trust.usersTrust.totalCount, 2); - XCTAssertEqual(trust.usersTrust.trustedCount, 2); + XCTAssertEqual(trust.trustedUsersProgress.totalUnitCount, 2); + XCTAssertEqual(trust.trustedUsersProgress.completedUnitCount, 2); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); - XCTAssertEqual(trust.devicesTrust.totalCount, 3); - XCTAssertEqual(trust.devicesTrust.trustedCount, 3); + XCTAssertEqual(trust.trustedDevicesProgress.totalUnitCount, 3); + XCTAssertEqual(trust.trustedDevicesProgress.completedUnitCount, 3); + XCTAssertEqual(trust.trustedDevicesProgress.fractionCompleted, 1); [expectation fulfill]; }); 
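Review bot: These assertions compare `fractionCompleted`, a `double` derived by `NSProgress`, with exact `0` and `1`, and `testNoCrossSigningNoTrust` pins that a summary with `totalUnitCount` 0 reports a fraction of 0. A caller that reads `fractionCompleted == 1` as "everything trusted" will therefore treat a room with no known devices as not fully trusted, whereas the removed `areAllTrusted` returned true for 0/0 according to the deleted MXTrustSummaryUnitTests. I would assert on the integer counts instead, e.g. `XCTAssertEqual(trust.trustedDevicesProgress.completedUnitCount, trust.trustedDevicesProgress.totalUnitCount);`, and add a comment stating which result an empty room is expected to give. The same pattern recurs in the later hunks of this file (`testNotFullyTrusted`, `testTrustChangeAfterUserSignInOnNewDevice`, `testTrustChangeAfterUserCompleteSecurity`, `testTrustChangeAfterUserRotateMSK`, `testEnableTrustTracking`).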
@@ -139,11 +142,13 @@ - (void)testNotFullyTrusted MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; XCTAssertNotNil(trust); - XCTAssertEqual(trust.usersTrust.totalCount, 2); - XCTAssertEqual(trust.usersTrust.trustedCount, 2); + XCTAssertEqual(trust.trustedUsersProgress.totalUnitCount, 2); + XCTAssertEqual(trust.trustedUsersProgress.completedUnitCount, 2); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); - XCTAssertEqual(trust.devicesTrust.totalCount, 4); - XCTAssertEqual(trust.devicesTrust.trustedCount, 3); + XCTAssertEqual(trust.trustedDevicesProgress.totalUnitCount, 4); + XCTAssertEqual(trust.trustedDevicesProgress.completedUnitCount, 3); + XCTAssertNotEqual(trust.trustedDevicesProgress.fractionCompleted, 1); [expectation fulfill]; }); @@ -168,8 +173,8 @@ - (void)testTrustChangeAfterUserSignInOnNewDevice // -> All must be trusted MXRoom *roomFromAlicePOV = [aliceSession1 roomWithRoomId:roomId]; MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; - XCTAssertTrue(trust.usersTrust.areAllTrusted); - XCTAssertTrue(trust.devicesTrust.areAllTrusted); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); + XCTAssertEqual(trust.trustedDevicesProgress.fractionCompleted, 1); // - Bob signs in on a new device [matrixSDKTestsE2EData loginUserOnANewDevice:self credentials:bobSession1.matrixRestClient.credentials withPassword:MXTESTS_BOB_PWD onComplete:^(MXSession *bobSession2) { 
@@ -179,8 +184,8 @@ - (void)testTrustChangeAfterUserSignInOnNewDevice id observer = [[NSNotificationCenter defaultCenter] addObserverForName:kMXRoomSummaryDidChangeNotification object:roomFromAlicePOV.summary queue:[NSOperationQueue mainQueue] usingBlock:^(NSNotification *notif) { MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; - XCTAssertTrue(trust.usersTrust.areAllTrusted); - XCTAssertFalse(trust.devicesTrust.areAllTrusted); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); + XCTAssertNotEqual(trust.trustedDevicesProgress.fractionCompleted, 1); [expectation fulfill]; }]; @@ -209,8 +214,8 @@ - (void)testTrustChangeAfterUserCompleteSecurity // -> Not all must be trusted MXRoom *roomFromAlicePOV = [aliceSession1 roomWithRoomId:roomId]; MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; - XCTAssertTrue(trust.usersTrust.areAllTrusted); - XCTAssertFalse(trust.devicesTrust.areAllTrusted); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); + XCTAssertNotEqual(trust.trustedDevicesProgress.fractionCompleted, 1); // - Bob trusts the new device [bobSession1.crypto setDeviceVerification:MXDeviceVerified forDevice:bobSession2.myDeviceId ofUser:bobSession2.myUserId success:^{ 
@@ -223,10 +228,10 @@ - (void)testTrustChangeAfterUserCompleteSecurity id observer = [[NSNotificationCenter defaultCenter] addObserverForName:kMXRoomSummaryDidChangeNotification object:roomFromAlicePOV.summary queue:[NSOperationQueue mainQueue] usingBlock:^(NSNotification *notif) { MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; - if (trust.devicesTrust.areAllTrusted) // It could take for the SDK to update the trust right + if (trust.trustedDevicesProgress.fractionCompleted == 1) // It could take for the SDK to update the trust right { - XCTAssertTrue(trust.usersTrust.areAllTrusted); - XCTAssertTrue(trust.devicesTrust.areAllTrusted); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); + XCTAssertEqual(trust.trustedDevicesProgress.fractionCompleted, 1); [expectation fulfill]; } }]; @@ -253,8 +258,8 @@ - (void)testTrustChangeAfterUserRotateMSK // -> All must be trusted MXRoom *roomFromAlicePOV = [aliceSession1 roomWithRoomId:roomId]; MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; - XCTAssertTrue(trust.usersTrust.areAllTrusted); - XCTAssertTrue(trust.devicesTrust.areAllTrusted); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); + XCTAssertEqual(trust.trustedDevicesProgress.fractionCompleted, 1); // - Bob rotates their cross-signing [bobSession1.crypto.crossSigning setupWithPassword:MXTESTS_BOB_PWD success:^{ 
@@ -267,8 +272,8 @@ - (void)testTrustChangeAfterUserRotateMSK id observer = [[NSNotificationCenter defaultCenter] addObserverForName:kMXRoomSummaryDidChangeNotification object:roomFromAlicePOV.summary queue:[NSOperationQueue mainQueue] usingBlock:^(NSNotification *notif) { MXUsersTrustLevelSummary *trust = roomFromAlicePOV.summary.trust; - XCTAssertFalse(trust.usersTrust.areAllTrusted); - XCTAssertTrue(trust.devicesTrust.areAllTrusted); // 100% Because all devices of trusted users are verified + XCTAssertNotEqual(trust.trustedUsersProgress.fractionCompleted, 1); + XCTAssertEqual(trust.trustedDevicesProgress.fractionCompleted, 1); // 100% Because all devices of trusted users are verified [expectation fulfill]; }]; @@ -350,8 +355,8 @@ - (void)testEnableTrustTracking // -> Trust be available and everything should be green MXUsersTrustLevelSummary *trust = roomSummaryFromAlicePOV.trust; - XCTAssertTrue(trust.usersTrust.areAllTrusted); - XCTAssertTrue(trust.devicesTrust.areAllTrusted); + XCTAssertEqual(trust.trustedUsersProgress.fractionCompleted, 1); + XCTAssertEqual(trust.trustedDevicesProgress.fractionCompleted, 1); [expectation fulfill]; }]; diff --git a/MatrixSDKTests/TestPlans/UnitTests.xctestplan b/MatrixSDKTests/TestPlans/UnitTests.xctestplan index d67025e02e..1ebc14fb9b 100644 --- a/MatrixSDKTests/TestPlans/UnitTests.xctestplan +++ b/MatrixSDKTests/TestPlans/UnitTests.xctestplan @@ -98,7 +98,6 @@ "MXToDevicePayloadUnitTests", "MXToolsUnitTests", "MXTrustLevelSourceUnitTests", - "MXTrustSummaryUnitTests", "MXUnrequestedForwardedRoomKeyManagerUnitTests" ], "target" : { diff --git a/MatrixSDKTests/TestPlans/UnitTestsWithSanitizers.xctestplan b/MatrixSDKTests/TestPlans/UnitTestsWithSanitizers.xctestplan index 9897219411..392638cb35 100644 --- a/MatrixSDKTests/TestPlans/UnitTestsWithSanitizers.xctestplan +++ b/MatrixSDKTests/TestPlans/UnitTestsWithSanitizers.xctestplan 
@@ -106,7 +106,6 @@ "MXToDevicePayloadUnitTests", "MXToolsUnitTests", "MXTrustLevelSourceUnitTests", - "MXTrustSummaryUnitTests", "MXUnrequestedForwardedRoomKeyManagerUnitTests" ], "target" : { From dde79b549657bf659f696134db085d22e9310fb4 Mon Sep 17 00:00:00 2001 From: Andy Uhnak Date: Wed, 22 Mar 2023 13:18:29 +0000 Subject: [PATCH 2/5] Check for private master keys --- MatrixSDK.xcodeproj/project.pbxproj | 48 +++++--- .../CrossSigning/Data/MXCrossSigningInfo.m | 15 ++- .../Crypto/CrossSigning/MXCrossSigning.m | 21 ++++ .../Data/MXCrossSigningInfoUnitTests.swift | 105 +++++++++++++++++- .../CrossSigning/Data/MXCrossSigningInfo_v0 | Bin 0 -> 681 bytes .../CrossSigning/Data/MXCrossSigningInfo_v1 | Bin 0 -> 428 bytes 6 files changed, 166 insertions(+), 23 deletions(-) create mode 100644 MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v0 create mode 100644 MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v1 diff --git a/MatrixSDK.xcodeproj/project.pbxproj b/MatrixSDK.xcodeproj/project.pbxproj index 5d3b96080e..44001bc2b9 100644 --- a/MatrixSDK.xcodeproj/project.pbxproj +++ b/MatrixSDK.xcodeproj/project.pbxproj 
@@ -876,7 +876,7 @@ B14EF1E32397E90400758AF0 /* MXCall.m in Sources */ = {isa = PBXBuildFile; fileRef = 3245A74D1AF7B2930001D8A7 /* MXCall.m */; }; B14EF1E42397E90400758AF0 /* MXWellknownIntegrations.m in Sources */ = {isa = PBXBuildFile; fileRef = 32CF439C2371AF9500907C56 /* MXWellknownIntegrations.m */; }; B14EF1E52397E90400758AF0 /* MXLoginPolicy.m in Sources */ = {isa = PBXBuildFile; fileRef = 3275FD9B21A6B60B00B9C13D /* MXLoginPolicy.m */; }; - B14EF1E62397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; + B14EF1E62397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; B14EF1E72397E90400758AF0 /* MXRoomThirdPartyInvite.m in Sources */ = {isa = PBXBuildFile; fileRef = 327F8DB11C6112BA00581CA3 /* MXRoomThirdPartyInvite.m */; }; B14EF1E82397E90400758AF0 /* MXRoomPowerLevels.m in Sources */ = {isa = PBXBuildFile; fileRef = B17982F42119E4A2001FD722 /* MXRoomPowerLevels.m */; }; B14EF1E92397E90400758AF0 /* MXRealmMediaScanMapper.m in Sources */ = {isa = PBXBuildFile; fileRef = B146D4DE21A5AEF100D8C2C6 /* MXRealmMediaScanMapper.m */; }; 
@@ -933,7 +933,7 @@ B14EF21D2397E90400758AF0 /* MXEncryptedContentKey.m in Sources */ = {isa = PBXBuildFile; fileRef = 021AFBA12179E91800742B2C /* MXEncryptedContentKey.m */; }; B14EF21E2397E90400758AF0 /* MXEventDecryptionResult.m in Sources */ = {isa = PBXBuildFile; fileRef = 32F634AA1FC5E3470054EF49 /* MXEventDecryptionResult.m */; }; B14EF21F2397E90400758AF0 /* MXMyUser.m in Sources */ = {isa = PBXBuildFile; fileRef = 327137261A24D50A00DB6757 /* MXMyUser.m */; }; - B14EF2202397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; + B14EF2202397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; B14EF2212397E90400758AF0 /* MX3PID.swift in Sources */ = {isa = PBXBuildFile; fileRef = C6F935831E5B3BE600FC34BF /* MX3PID.swift */; }; B14EF2222397E90400758AF0 /* MXMediaScan.m in Sources */ = {isa = PBXBuildFile; fileRef = B146D47621A5950800D8C2C6 /* MXMediaScan.m */; }; B14EF2232397E90400758AF0 /* MXEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = C6F935861E5B3BE600FC34BF /* MXEvent.swift */; }; 
@@ -948,7 +948,7 @@ B14EF22C2397E90400758AF0 /* MXAccountData.m in Sources */ = {isa = PBXBuildFile; fileRef = 3264DB901CEC528D00B99881 /* MXAccountData.m */; }; B14EF22D2397E90400758AF0 /* MXRealmReactionCount.m in Sources */ = {isa = PBXBuildFile; fileRef = 32133018228B010C0070BA9B /* MXRealmReactionCount.m */; }; B14EF22E2397E90400758AF0 /* MXCryptoTools.m in Sources */ = {isa = PBXBuildFile; fileRef = 3250E7C9220C913900736CB5 /* MXCryptoTools.m */; }; - B14EF22F2397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; + B14EF22F2397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; B14EF2302397E90400758AF0 /* MXDeviceListOperation.m in Sources */ = {isa = PBXBuildFile; fileRef = 322691311E5EF77D00966A6E /* MXDeviceListOperation.m */; }; B14EF2312397E90400758AF0 /* MX3PidAddSession.m in Sources */ = {isa = PBXBuildFile; fileRef = 32D2CBFF23422462002BD8CA /* MX3PidAddSession.m */; }; B14EF2322397E90400758AF0 /* MXBugReportRestClient.m in Sources */ = {isa = PBXBuildFile; fileRef = 3283F7771EAF30F700C1688C /* MXBugReportRestClient.m */; }; 
@@ -992,7 +992,7 @@ B14EF25B2397E90400758AF0 /* MXSession.m in Sources */ = {isa = PBXBuildFile; fileRef = 320DFDD119DD99B60068622A /* MXSession.m */; }; B14EF25C2397E90400758AF0 /* MXRoomTombStoneContent.m in Sources */ = {isa = PBXBuildFile; fileRef = B17982EE2119E49F001FD722 /* MXRoomTombStoneContent.m */; }; B14EF25D2397E90400758AF0 /* MXImage.swift in Sources */ = {isa = PBXBuildFile; fileRef = C602B58D1F22A8D700B67D87 /* MXImage.swift */; }; - B14EF25E2397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; + B14EF25E2397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; B14EF25F2397E90400758AF0 /* MXServerNoticeContent.m in Sources */ = {isa = PBXBuildFile; fileRef = 32954018216385F100E300FC /* MXServerNoticeContent.m */; }; B14EF2602397E90400758AF0 /* MXContentScanResult.m in Sources */ = {isa = PBXBuildFile; fileRef = 02CAD434217DD12F0074700B /* MXContentScanResult.m */; }; B14EF2612397E90400758AF0 /* MXRealmAggregationsStore.m in Sources */ = {isa = PBXBuildFile; fileRef = 32133014228AF4EF0070BA9B /* MXRealmAggregationsStore.m */; }; 
@@ -1030,7 +1030,7 @@ B14EF2822397E90400758AF0 /* MXDeviceList.m in Sources */ = {isa = PBXBuildFile; fileRef = 32637ED31E5B00400011E20D /* MXDeviceList.m */; }; B14EF2832397E90400758AF0 /* MXRoomCreateContent.m in Sources */ = {isa = PBXBuildFile; fileRef = B17982F22119E4A1001FD722 /* MXRoomCreateContent.m */; }; B14EF2842397E90400758AF0 /* MXUIKitBackgroundModeHandler.m in Sources */ = {isa = PBXBuildFile; fileRef = 32A9E8231EF4026E0081358A /* MXUIKitBackgroundModeHandler.m */; }; - B14EF2852397E90400758AF0 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; + B14EF2852397E90400758AF0 /* (null) in Sources */ = {isa = PBXBuildFile; }; B14EF2862397E90400758AF0 /* MXRealmMediaScanStore.m in Sources */ = {isa = PBXBuildFile; fileRef = B146D4F521A5BB9F00D8C2C6 /* MXRealmMediaScanStore.m */; }; B14EF2872397E90400758AF0 /* MXPusherData.m in Sources */ = {isa = PBXBuildFile; fileRef = 32999DE222DCD1AD004FF987 /* MXPusherData.m */; }; B14EF2882397E90400758AF0 /* MXOlmDevice.m in Sources */ = {isa = PBXBuildFile; fileRef = 322A51C61D9BBD3C00C8536D /* MXOlmDevice.m */; }; 
@@ -2005,10 +2005,10 @@ EDA69341290BA92E00223252 /* MXCryptoMachineUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDA6933F290BA92E00223252 /* MXCryptoMachineUnitTests.swift */; }; EDAAC41928E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDAAC41828E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift */; }; EDAAC41A28E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDAAC41828E2FCFE00DD89B5 /* MXCryptoSecretStoreV2.swift */; }; - EDAAC41C28E30F3C00DD89B5 /* BuildFile in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; - EDAAC41D28E30F3C00DD89B5 /* BuildFile in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; - EDAAC41F28E30F4C00DD89B5 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; - EDAAC42028E30F4C00DD89B5 /* BuildFile in Sources */ = {isa = PBXBuildFile; }; + EDAAC41C28E30F3C00DD89B5 /* (null) in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; + EDAAC41D28E30F3C00DD89B5 /* (null) in Headers */ = {isa = PBXBuildFile; settings = {ATTRIBUTES = (Public, ); }; }; + EDAAC41F28E30F4C00DD89B5 /* (null) in Sources */ = {isa = PBXBuildFile; }; + EDAAC42028E30F4C00DD89B5 /* (null) in Sources */ = {isa = PBXBuildFile; }; EDAAC42128E3174700DD89B5 /* MXCryptoSecretStore.h in Headers */ = {isa = PBXBuildFile; fileRef = EDAAC41228E2F86800DD89B5 /* MXCryptoSecretStore.h */; settings = {ATTRIBUTES = (Public, ); }; }; EDAAC42228E3174700DD89B5 /* MXCryptoSecretStore.h in Headers */ = {isa = PBXBuildFile; fileRef = EDAAC41228E2F86800DD89B5 /* MXCryptoSecretStore.h */; settings = {ATTRIBUTES = (Public, ); }; }; EDAAC42428E3177000DD89B5 /* MXRecoveryServiceDependencies.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDAAC42328E3177000DD89B5 /* MXRecoveryServiceDependencies.swift */; }; 
@@ -2051,6 +2051,10 @@ EDD578EA2881C37C006739DD /* MXCryptoUserIdentityWrapper.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDD578E02881C37C006739DD /* MXCryptoUserIdentityWrapper.swift */; }; EDD578EC2881C38C006739DD /* MXCrossSigningV2.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDD578EB2881C38C006739DD /* MXCrossSigningV2.swift */; }; EDD578ED2881C38C006739DD /* MXCrossSigningV2.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDD578EB2881C38C006739DD /* MXCrossSigningV2.swift */; }; + EDD7B74829CB3F1B00548AB4 /* MXCrossSigningInfo_v1 in Resources */ = {isa = PBXBuildFile; fileRef = EDD7B74629CB3F1B00548AB4 /* MXCrossSigningInfo_v1 */; }; + EDD7B74929CB3F1B00548AB4 /* MXCrossSigningInfo_v1 in Resources */ = {isa = PBXBuildFile; fileRef = EDD7B74629CB3F1B00548AB4 /* MXCrossSigningInfo_v1 */; }; + EDD7B74A29CB3F1B00548AB4 /* MXCrossSigningInfo_v0 in Resources */ = {isa = PBXBuildFile; fileRef = EDD7B74729CB3F1B00548AB4 /* MXCrossSigningInfo_v0 */; }; + EDD7B74B29CB3F1B00548AB4 /* MXCrossSigningInfo_v0 in Resources */ = {isa = PBXBuildFile; fileRef = EDD7B74729CB3F1B00548AB4 /* MXCrossSigningInfo_v0 */; }; EDDB07CA297EE0A7005249A6 /* MXCryptoV2FactoryTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDDB07C9297EE0A7005249A6 /* MXCryptoV2FactoryTests.swift */; }; EDDB07CB297EE0A7005249A6 /* MXCryptoV2FactoryTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDDB07C9297EE0A7005249A6 /* MXCryptoV2FactoryTests.swift */; }; EDDBA7F0293F353900AD1480 /* MXToDevicePayload.swift in Sources */ = {isa = PBXBuildFile; fileRef = EDDBA7EF293F353900AD1480 /* MXToDevicePayload.swift */; }; 
@@ -3192,6 +3196,8 @@ EDD578DF2881C37C006739DD /* MXCryptoDeviceWrapper.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MXCryptoDeviceWrapper.swift; sourceTree = ""; }; EDD578E02881C37C006739DD /* MXCryptoUserIdentityWrapper.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MXCryptoUserIdentityWrapper.swift; sourceTree = ""; }; EDD578EB2881C38C006739DD /* MXCrossSigningV2.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MXCrossSigningV2.swift; sourceTree = ""; }; + EDD7B74629CB3F1B00548AB4 /* MXCrossSigningInfo_v1 */ = {isa = PBXFileReference; lastKnownFileType = file.bplist; path = MXCrossSigningInfo_v1; sourceTree = ""; }; + EDD7B74729CB3F1B00548AB4 /* MXCrossSigningInfo_v0 */ = {isa = PBXFileReference; lastKnownFileType = file.bplist; path = MXCrossSigningInfo_v0; sourceTree = ""; }; EDDB07C9297EE0A7005249A6 /* MXCryptoV2FactoryTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXCryptoV2FactoryTests.swift; sourceTree = ""; }; EDDBA7EF293F353900AD1480 /* MXToDevicePayload.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXToDevicePayload.swift; sourceTree = ""; }; EDDD90C72901611600B760E0 /* MXLegacyCrypto+LegacyCrossSigning.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "MXLegacyCrypto+LegacyCrossSigning.swift"; sourceTree = ""; }; @@ -5725,6 +5731,8 @@ ED8F1D1528857FDA00F897E7 /* Data */ = { isa = PBXGroup; children = ( + EDD7B74729CB3F1B00548AB4 /* MXCrossSigningInfo_v0 */, + EDD7B74629CB3F1B00548AB4 /* MXCrossSigningInfo_v1 */, ED8F1D1628857FE600F897E7 /* MXCrossSigningInfoUnitTests.swift */, ); path = Data; 
@@ -5920,7 +5928,7 @@ B146D47421A5945800D8C2C6 /* MXAntivirusScanStatus.h in Headers */, 322691361E5EFF8700966A6E /* MXDeviceListOperationsPool.h in Headers */, 3281E8B719E42DFE00976E1A /* MXJSONModel.h in Headers */, - EDAAC41C28E30F3C00DD89B5 /* BuildFile in Headers */, + EDAAC41C28E30F3C00DD89B5 /* (null) in Headers */, B135066127E9CB6400BD3276 /* MXBeaconInfo.h in Headers */, EC5C562827A36EDB0014CBE9 /* MXInReplyTo.h in Headers */, EC8A539325B1BC77004E0802 /* MXCallSessionDescription.h in Headers */, @@ -6544,7 +6552,7 @@ 324AAC7E2399143400380A66 /* MXKeyVerificationCancel.h in Headers */, ED01915528C64E0400ED3A69 /* MXRoomKeyEventContent.h in Headers */, B14EF3372397E90400758AF0 /* MXRoomTombStoneContent.h in Headers */, - EDAAC41D28E30F3C00DD89B5 /* BuildFile in Headers */, + EDAAC41D28E30F3C00DD89B5 /* (null) in Headers */, 3274538B23FD918800438328 /* MXKeyVerificationByToDeviceRequest.h in Headers */, B14EF3382397E90400758AF0 /* MXFilterObject.h in Headers */, B14EF3392397E90400758AF0 /* MXRealmReactionCount.h in Headers */, @@ -6762,6 +6770,8 @@ isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; files = ( + EDD7B74A29CB3F1B00548AB4 /* MXCrossSigningInfo_v0 in Resources */, + EDD7B74829CB3F1B00548AB4 /* MXCrossSigningInfo_v1 in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -6782,6 +6792,8 @@ isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; files = ( + EDD7B74B29CB3F1B00548AB4 /* MXCrossSigningInfo_v0 in Resources */, + EDD7B74929CB3F1B00548AB4 /* MXCrossSigningInfo_v1 in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; 
@@ -7298,7 +7310,7 @@ ED6DABFC28C7542800ECDCB6 /* MXRoomKeyInfoFactory.swift in Sources */, B11556EE230C45C600B2A2CF /* MXIdentityServerRestClient.swift in Sources */, ED5EF145297AB1F200A5ADDA /* MXRoomEventEncryption.swift in Sources */, - EDAAC41F28E30F4C00DD89B5 /* BuildFile in Sources */, + EDAAC41F28E30F4C00DD89B5 /* (null) in Sources */, 321CFDE722525A49004D31DF /* MXSASTransaction.m in Sources */, EDDBA7F0293F353900AD1480 /* MXToDevicePayload.swift in Sources */, 32720D9D222EAA6F0086FFF5 /* MXDiscoveredClientConfig.m in Sources */, @@ -7609,7 +7621,7 @@ EC1165B527107E330089FA56 /* MXStoreRoomListDataManager.swift in Sources */, 66836ABA27CFA17200515780 /* MXLiveEventListener.swift in Sources */, B14EF1E52397E90400758AF0 /* MXLoginPolicy.m in Sources */, - B14EF1E62397E90400758AF0 /* BuildFile in Sources */, + B14EF1E62397E90400758AF0 /* (null) in Sources */, B18D23F727ECF199004C4277 /* MXLocationService.swift in Sources */, EC60EDB5265CFE6200B39A4E /* MXRoomSyncEphemeral.m in Sources */, B14EF1E72397E90400758AF0 /* MXRoomThirdPartyInvite.m in Sources */, @@ -7750,7 +7762,7 @@ B14EF21F2397E90400758AF0 /* MXMyUser.m in Sources */, EDAAC42528E3177300DD89B5 /* MXRecoveryServiceDependencies.swift in Sources */, EC60EDAB265CFE3B00B39A4E /* MXRoomSyncTimeline.m in Sources */, - B14EF2202397E90400758AF0 /* BuildFile in Sources */, + B14EF2202397E90400758AF0 /* (null) in Sources */, ED647E3F292CE64400A47519 /* MXSessionStartupProgress.swift in Sources */, B14EF2212397E90400758AF0 /* MX3PID.swift in Sources */, 18121F79273E6E4100B68ADF /* PollBuilder.swift in Sources */, 
@@ -7789,7 +7801,7 @@ B18B0E6825FBDC3000E32151 /* MXSpace.swift in Sources */, B14EF22D2397E90400758AF0 /* MXRealmReactionCount.m in Sources */, B14EF22E2397E90400758AF0 /* MXCryptoTools.m in Sources */, - B14EF22F2397E90400758AF0 /* BuildFile in Sources */, + B14EF22F2397E90400758AF0 /* (null) in Sources */, B14EF2302397E90400758AF0 /* MXDeviceListOperation.m in Sources */, 32C78B6B256CFC4D008130B1 /* MXCryptoMigration.m in Sources */, ECDA763027B292B5000C48CF /* MXThreadModel.swift in Sources */, @@ -7907,7 +7919,7 @@ B14EF25C2397E90400758AF0 /* MXRoomTombStoneContent.m in Sources */, B1432B52282AB29A00737CA6 /* MXBeaconInfoSummaryAllRoomListener.swift in Sources */, B14EF25D2397E90400758AF0 /* MXImage.swift in Sources */, - B14EF25E2397E90400758AF0 /* BuildFile in Sources */, + B14EF25E2397E90400758AF0 /* (null) in Sources */, 32B090E3261F709B002924AA /* MXAsyncTaskQueue.swift in Sources */, B14EF25F2397E90400758AF0 /* MXServerNoticeContent.m in Sources */, B1F04B112811E7B600103EBE /* MXBeaconInfoSummaryMemoryStore.swift in Sources */, @@ -7969,7 +7981,7 @@ ED6DABFD28C7542800ECDCB6 /* MXRoomKeyInfoFactory.swift in Sources */, B14EF2782397E90400758AF0 /* MXTransactionCancelCode.m in Sources */, ED5EF146297AB1F200A5ADDA /* MXRoomEventEncryption.swift in Sources */, - EDAAC42028E30F4C00DD89B5 /* BuildFile in Sources */, + EDAAC42028E30F4C00DD89B5 /* (null) in Sources */, B14EF2792397E90400758AF0 /* MXEventListener.m in Sources */, EDDBA7F1293F353900AD1480 /* MXToDevicePayload.swift in Sources */, B1710B202613D01400A9B429 /* MXSpaceChildrenRequestParameters.swift in Sources */, 
@@ -8006,7 +8018,7 @@ EC60ED7E265CFCD100B39A4E /* MXDeviceListResponse.m in Sources */, 323F879025553D84009E9E67 /* MXTaskProfile.m in Sources */, B14EF2842397E90400758AF0 /* MXUIKitBackgroundModeHandler.m in Sources */, - B14EF2852397E90400758AF0 /* BuildFile in Sources */, + B14EF2852397E90400758AF0 /* (null) in Sources */, 32A9F8E1244720B10069C65B /* MXThrottler.m in Sources */, 3274538D23FD918800438328 /* MXKeyVerificationByToDeviceRequest.m in Sources */, 32CEEF5223B0AB030039BA98 /* MXCrossSigning.m in Sources */, diff --git a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m index 90d99fefb2..d849bea34b 100644 --- a/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m +++ b/MatrixSDK/Crypto/CrossSigning/Data/MXCrossSigningInfo.m @@ -92,7 +92,19 @@ - (id)initWithCoder:(NSCoder *)aDecoder { _userId = [aDecoder decodeObjectForKey:@"userId"]; _keys = [aDecoder decodeObjectForKey:@"keys"]; - _trustLevel = [aDecoder decodeObjectForKey:@"trustLevel"]; + NSInteger version = [aDecoder decodeIntegerForKey:@"version"]; + if (version == 1) + { + // Version 1 compressed two boolean flags into a single one, when restoring from this version + // we will distribute once again to two booleans as it is important to keep local vs cross-signed + // status for own user as local echo. + BOOL isVerified = [aDecoder decodeBoolForKey:@"isVerified"]; + _trustLevel = [MXUserTrustLevel trustLevelWithCrossSigningVerified:isVerified locallyVerified:isVerified]; + } + else + { + _trustLevel = [aDecoder decodeObjectForKey:@"trustLevel"]; + } } return self; } @@ -102,6 +114,7 @@ - (void)encodeWithCoder:(NSCoder *)aCoder [aCoder encodeObject:_userId forKey:@"userId"]; [aCoder encodeObject:_keys forKey:@"keys"]; [aCoder encodeObject:_trustLevel forKey:@"trustLevel"]; + [aCoder encodeInteger:2 forKey:@"version"]; } 
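Review bot: The `version == 1` branch in `initWithCoder:` passes the single `isVerified` flag as both `crossSigningVerified` and `locallyVerified`, so an identity that was only cross-signing verified is restored as locally verified as well; the `MXCrossSigningInfo_v1` test for Bob in this patch asserts exactly that. The added comment explains why two flags are kept but not that the migration widens the local flag, so I would add `// NOTE: v1 lost the distinction, so locallyVerified may be YES without a local verification having happened` above the `trustLevelWithCrossSigningVerified:locallyVerified:` call. The literal `1` here and the `2` written in `encodeWithCoder:` (next hunk) would read better as one named archive-version constant, and any other version value currently falls through to the `trustLevel` key without comment. Both method bodies start outside their hunks.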
diff --git a/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m b/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m index fc077033e3..c3e650f7ce 100644 --- a/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m +++ b/MatrixSDK/Crypto/CrossSigning/MXCrossSigning.m @@ -751,6 +751,10 @@ - (BOOL)isSelfTrusted { isMasterKeyTrusted = YES; } + else if ([self hasMatchingMasterPrivateKeyInCryptoStore:myCrossSigningInfo.masterKeys]) + { + isMasterKeyTrusted = YES; + } else { // Is it signed by a locally trusted device? @@ -969,6 +973,23 @@ - (void)signObject:(NSDictionary*)object withKeyType:(NSString*)keyType #pragma mark - Private keys storage +- (BOOL)hasMatchingMasterPrivateKeyInCryptoStore:(MXCrossSigningKey *)masterKey +{ + NSString *mskPrivateKeyBase64 = [self.crypto.store secretWithSecretId:MXSecretId.crossSigningMaster]; + // Check it is valid and corresponds to our current master keys + if (mskPrivateKeyBase64 && masterKey) + { + OLMPkSigning *mskPkSigning = [self.crossSigningTools pkSigningFromBase64PrivateKey:mskPrivateKeyBase64 + withExpectedPublicKey:masterKey.keys]; + if (mskPkSigning) + { + return YES; + } + } + + return NO; +} + - (BOOL)haveCrossSigningPrivateKeysInCryptoStore { NSString *uskPrivateKeyBase64 = [self.crypto.store secretWithSecretId:MXSecretId.crossSigningUserSigning]; diff --git a/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift b/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift index 9de46d0e37..7f01767846 100644 --- a/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift +++ b/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfoUnitTests.swift 
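Review bot: The new `else if` in `isSelfTrusted` makes a matching master private key in the local crypto store sufficient to trust our own master key, ahead of the "signed by a locally trusted device" path, and nothing in the hunk documents that decision. The diffstat for this commit lists only `MXCrossSigningInfoUnitTests.swift` on the test side, so the new branch appears to be untested; a test with a matching and a non-matching stored key would cover it. I would also add `// Holding the private key that matches the published master key is treated as proof that this is our own identity` above the branch. The method body starts and ends outside the hunk.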
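Review bot: `hasMatchingMasterPrivateKeyInCryptoStore:` returns NO with no trace when a master private key is stored but `mskPkSigning` comes back nil, which is the case someone investigating an unexpected master-key change would want to see. Unless `pkSigningFromBase64PrivateKey:withExpectedPublicKey:` already logs the mismatch (not visible here), log a warning in that branch, without any key material. The method also has no doc comment; `/// Returns YES when the stored master private key matches the public key of masterKey; NO when either is missing or they differ.` would state the contract.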
@@ -77,10 +77,107 @@ class MXCrossSigningInfoUnitTests: XCTestCase { XCTAssertKeysEqual(info.masterKeys, masterKeys) XCTAssertKeysEqual(info.selfSignedKeys, selfSigningKeys) XCTAssertNil(info.userSignedKeys) - XCTAssertEqual( - info.trustLevel, - MXUserTrustLevel(crossSigningVerified: true, locallyVerified: true) - ) + XCTAssertTrue(info.trustLevel.isLocallyVerified) + XCTAssertTrue(info.trustLevel.isCrossSigningVerified) + } + + func test_canDecodeModelV0() throws { + // Load up previously saved data using version 0 of the model + let bundle = Bundle(for: MXCrossSigningInfoUnitTests.self) + guard let url = bundle.url(forResource: "MXCrossSigningInfo_v0", withExtension: nil) else { + XCTFail("Missing migration data") + return + } + let data = try Data(contentsOf: url) + + // Unarchive using current model + guard let unarchived = NSKeyedUnarchiver.unarchiveObject(with: data) as? [MXCrossSigningInfo] else { + XCTFail("Failed to unarchive data") + return + } + + // This data should contain 4 cross signing info objects + XCTAssertEqual(unarchived.count, 4) + + XCTAssertEqual(unarchived[0].userId, "Alice") + XCTAssertFalse(unarchived[0].trustLevel.isLocallyVerified) + XCTAssertFalse(unarchived[0].trustLevel.isCrossSigningVerified) + + XCTAssertEqual(unarchived[1].userId, "Bob") + XCTAssertFalse(unarchived[1].trustLevel.isLocallyVerified) + XCTAssertTrue(unarchived[1].trustLevel.isCrossSigningVerified) + + XCTAssertEqual(unarchived[2].userId, "Carol") + XCTAssertTrue(unarchived[2].trustLevel.isLocallyVerified) + XCTAssertFalse(unarchived[2].trustLevel.isCrossSigningVerified) + + XCTAssertEqual(unarchived[3].userId, "Dave") + XCTAssertTrue(unarchived[3].trustLevel.isLocallyVerified) + XCTAssertTrue(unarchived[3].trustLevel.isCrossSigningVerified) + } + + func test_canDecodeModelV1() throws { + // Load up previously saved data using version 1 of the model + let bundle = Bundle(for: MXCrossSigningInfoUnitTests.self) + guard let url = bundle.url(forResource: 
"MXCrossSigningInfo_v1", withExtension: nil) else { + XCTFail("Missing migration data") + return + } + let data = try Data(contentsOf: url) + + // Unarchive using current model + guard let unarchived = NSKeyedUnarchiver.unarchiveObject(with: data) as? [MXCrossSigningInfo] else { + XCTFail("Failed to unarchive data") + return + } + + // This data should contain 2 cross signing info objects + XCTAssertEqual(unarchived.count, 2) + + // Alice had both crossSigningVerified and locallyVerified set to false => is not verified + XCTAssertEqual(unarchived[0].userId, "Alice") + XCTAssertFalse(unarchived[0].trustLevel.isLocallyVerified) + XCTAssertFalse(unarchived[0].trustLevel.isCrossSigningVerified) + + // Bob had crossSigningVerified set to true and locallyVerified set to false => is verified + XCTAssertEqual(unarchived[1].userId, "Bob") + XCTAssertTrue(unarchived[1].trustLevel.isLocallyVerified) + XCTAssertTrue(unarchived[1].trustLevel.isCrossSigningVerified) + } + + func test_canEncodeDeprecatedModel() throws { + // In this test we ensure that once unarchived a deprecated model, we can archive it using the current + // schema, ie storing the `isLocallyTrusted` and `isCrossSigningTrusted properties, which is asserted + // by unarchiving once again. + + // Load up previously saved data using version 0 of the model + let bundle = Bundle(for: MXCrossSigningInfoUnitTests.self) + guard let url = bundle.url(forResource: "MXCrossSigningInfo_v1", withExtension: nil) else { + XCTFail("Missing migration data") + return + } + + // Unarchive from deprecated to current, re-archive via current model, and then once again unarchive + let data = try Data(contentsOf: url) + guard let unarchived1 = NSKeyedUnarchiver.unarchiveObject(with: data) as? [MXCrossSigningInfo] else { + XCTFail("Failed to unarchive data") + return + } + let archived = NSKeyedArchiver.archivedData(withRootObject: unarchived1) + guard let unarchived2 = NSKeyedUnarchiver.unarchiveObject(with: archived) as? 
[MXCrossSigningInfo] else { + XCTFail("Failed to unarchive data") + return + } + + // We expect all of the values to match the original data + XCTAssertEqual(unarchived2.count, 2) + XCTAssertEqual(unarchived2[0].userId, "Alice") + XCTAssertFalse(unarchived2[0].trustLevel.isLocallyVerified) + XCTAssertFalse(unarchived2[0].trustLevel.isCrossSigningVerified) + + XCTAssertEqual(unarchived2[1].userId, "Bob") + XCTAssertTrue(unarchived2[1].trustLevel.isLocallyVerified) + XCTAssertTrue(unarchived2[1].trustLevel.isCrossSigningVerified) } private func XCTAssertKeysEqual(_ key1: MXCrossSigningKey?, _ key2: MXCrossSigningKey?, file: StaticString = #file, line: UInt = #line) { diff --git a/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v0 b/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v0 new file mode 100644 index 0000000000000000000000000000000000000000..d9aeae663be7ee6b79d83a03981a05b3477089c8 GIT binary patch literal 681 zcmZutOKTHR6h0?y+L=C*Nz|(K9j4k=t)(hKd=XpJU@}!EiDMRqNpc%Ur!!^lB#?!8 z#TQaUe69p-RCFUQd{l8&MAVI7t*9Hpjo=Rubt4XwQC#$HzI(s(-E+S07H#N5?Vue^#GmQhHY84J?&MPI_=9nUy`NO1O(=g!a8#y5;$$LnZ6l0#~Eyt%U z)3h1h7ecLV^Oh_XSFhW!anrW#gS+F&v}lxdeY!mmoST*8KCe|qEa)nww}eo54)d{Q z*23DEFcavQzhGhKqQ$8rq)IboO00M>Yg=V%CrE|ptcd|@V2$aRt`*3;z_R5lB9WZX zq0vFhq*T^QhGvv9#L`AIQp^b3s_WIi9P@MBbl1vN-PyVULmeeb{Yq#~5RyvT z8JhYxvDVW&3#&--u)7kc)ta?AA)HkHHxM^Q%vzuGaTeZ-II!N$!ZBXnVdmW=(FpVN zoLAqn)vdR(w)CKCnR-2I)UnTdik-V$MSulULu#eIjHn~vdB>DAykC-ImZer}QZH~2 zf=&>j2L>PtaY(>Ekf8*lV8Ky131?v(&cS)O0GHqzOu$`u0FPi2p29Pjf>-bbzQYgr z3BTYs@)*W0?8ePFgmFBGDpv3q9>)`S3eVs;Uc}3I1+U_DoWPrS8}Hyfe29;65})7{ hKF1gM5?|vRe2*XSBYwiq_!Zpa!#cuV4?Vzde*nb($8G=s literal 0 HcmV?d00001 
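Review bot: In `test_canEncodeDeprecatedModel` the comment says "Load up previously saved data using version 0 of the model" but the test loads `MXCrossSigningInfo_v1`, so the v0 fixture never goes through the re-encode round trip. Either change the comment to `// Load up previously saved data using version 1 of the model` or run the round trip for both fixtures. The header comment of that test names `isLocallyTrusted` and `isCrossSigningTrusted` while the assertions use `isLocallyVerified` and `isCrossSigningVerified`. All three new tests call `NSKeyedUnarchiver.unarchiveObject(with:)`, which does not restrict the decoded classes; that is acceptable for bundled fixtures, though it suggests the model is not on secure coding, which I cannot confirm from this hunk.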
diff --git a/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v1 b/MatrixSDKTests/Crypto/CrossSigning/Data/MXCrossSigningInfo_v1 new file mode 100644 index 0000000000000000000000000000000000000000..c3ad29960a8cf637d7c2bb0c9fc7900931fd8587 GIT binary patch literal 428 zcmZvX%P&Jw5XQf$qOC`(-dYq#;!)DrSeI3UirlKJkw_m$9j<%joRTyVxv{Xbv9puL z!a_udm5sd>;g68`BQ))`Gn?PcWM;l^a)*XcrC98fTn+BVre>ecj=5CAGB;UP=66N4 zO0kl4s52|K$MYo>1f5@R2mDEGiI;gH?hL(qyeVl}C7W(rS~~}a#;2y&nR#RwA8qaa zU?!=}I{RssH?m4q0v)!?ZnT@f+Pk`Ydi(kZLgCatFRS#C;xbXl2$kki> Date: Wed, 22 Mar 2023 15:04:20 +0000 Subject: [PATCH 3/5] Safe unwrap of relation --- MatrixSDK/Aggregations/MXAggregatedPollsUpdater.swift | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/MatrixSDK/Aggregations/MXAggregatedPollsUpdater.swift b/MatrixSDK/Aggregations/MXAggregatedPollsUpdater.swift index fe04cc0233..c1ad30a604 100644 --- a/MatrixSDK/Aggregations/MXAggregatedPollsUpdater.swift +++ b/MatrixSDK/Aggregations/MXAggregatedPollsUpdater.swift @@ -34,8 +34,9 @@ public final class MXAggregatedPollsUpdater: NSObject { // the poll refresh is meant to be done at the end of a poll guard event.eventType == .pollEnd, - event.relatesTo.relationType == MXEventRelationTypeReference, - let pollStartEventId = event.relatesTo.eventId + let relatedTo = event.relatesTo, + relatedTo.relationType == MXEventRelationTypeReference, + let pollStartEventId = relatedTo.eventId else { return } From 0c802e095158378c608ad388079a6cab0d41569d Mon Sep 17 00:00:00 2001 From: Doug Date: Wed, 22 Mar 2023 15:25:19 +0000 Subject: [PATCH 4/5] version++ --- CHANGES.md | 5 +++++ MatrixSDK.podspec | 2 +- MatrixSDK/MatrixSDKVersion.m | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 00324a763e..423b5033cc 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,8 @@ +## Changes in 0.26.3 (2023-03-22) + +No significant changes. + + ## Changes in 0.26.2 (2023-03-21) 🙌 Improvements 
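Review bot: The guard in the `MXAggregatedPollsUpdater.swift` hunk now tolerates a `pollEnd` event whose `relatesTo` is nil, but the commit changes only this one file, so nothing pins that case. Event content arrives from outside the client, so a unit test that feeds a `pollEnd` event with no relation is worth adding. The binding is named `relatedTo` while the property is `relatesTo`; `let relatesTo = event.relatesTo,` would avoid the near-miss. The enclosing function starts and ends outside the hunk.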
diff --git a/MatrixSDK.podspec b/MatrixSDK.podspec index de6a606fc1..a03a2338cc 100644 --- a/MatrixSDK.podspec +++ b/MatrixSDK.podspec @@ -1,7 +1,7 @@ Pod::Spec.new do |s| s.name = "MatrixSDK" - s.version = "0.26.2" + s.version = "0.26.3" s.summary = "The iOS SDK to build apps compatible with Matrix (https://www.matrix.org)" s.description = <<-DESC diff --git a/MatrixSDK/MatrixSDKVersion.m b/MatrixSDK/MatrixSDKVersion.m index 66223f4ac9..7a5f2ae7df 100644 --- a/MatrixSDK/MatrixSDKVersion.m +++ b/MatrixSDK/MatrixSDKVersion.m @@ -16,4 +16,4 @@ #import -NSString *const MatrixSDKVersion = @"0.26.2"; +NSString *const MatrixSDKVersion = @"0.26.3"; From b417b6aaa87595ab68ea4aaf779b703dc47180ab Mon Sep 17 00:00:00 2001 From: Doug Date: Wed, 22 Mar 2023 17:04:58 +0000 Subject: [PATCH 5/5] finish version++